System error, attention, user

GueffHELL · 10.07.2008, 21:01

Von Process2CPU:

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.7.10.0 2008.07.10 -
AntiVir 7.8.0.64 2008.07.10 -
Authentium 5.1.0.4 2008.07.10 -
Avast 4.8.1195.0 2008.07.09 -
AVG 7.5.0.516 2008.07.10 -
BitDefender 7.2 2008.07.10 -
CAT-QuickHeal 9.50 2008.07.10 -
ClamAV 0.93.1 2008.07.10 -
DrWeb 4.44.0.09170 2008.07.10 -
eSafe 7.0.17.0 2008.07.09 -
eTrust-Vet 31.6.5943 2008.07.10 -
Ewido 4.0 2008.07.10 -
F-Prot 4.4.4.56 2008.07.10 -
F-Secure 7.60.13501.0 2008.07.10 -
Fortinet 3.14.0.0 2008.07.10 -
GData 2.0.7306.1023 2008.07.10 -
Ikarus T3.1.1.26.0 2008.07.10 -
Kaspersky 7.0.0.125 2008.07.10 -
McAfee 5335 2008.07.09 -
Microsoft 1.3704 2008.07.10 -
NOD32v2 3258 2008.07.10 -
Norman 5.80.02 2008.07.10 -
Panda 9.0.0.4 2008.07.10 Suspicious file
Prevx1 V2 2008.07.10 -
Rising 20.52.32.00 2008.07.10 -
Sophos 4.31.0 2008.07.10 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.10 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.10 -
VBA32 3.12.6.9 2008.07.10 suspected of Backdoor.XiaoBird.28 (paranoid heuristics)
VirusBuster 4.5.11.0 2008.07.10 -
Webwasher-Gateway 6.6.2 2008.07.10 Virus.Win32.FileInfector.gen!90 (suspicious)
weitere Informationen
File size: 772096 bytes
MD5...: a6c78df3f30fe1187e01ac9120d1281c
SHA1..: 0be5271bb1c5b4c02565bba84252ca1afdacd73f
SHA256: 08f5960fe486e09f5a08acf1bfce3bf2f9e63d9d51e8049ae298782040da2188
SHA512: 36efe113d0a598f55ba39503513d7fb6e82f93b453ddc8a766c9e059eb88de99
2d9d8bcbbd3d0c88c604bc9584de23fc511d69ca0b10ed24ce6fae13cb60c3b9
PEiD..: -
PEInfo: PE Structure information

Von AswBHO.dll:

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.7.10.0 2008.07.10 -
AntiVir 7.8.0.64 2008.07.10 -
Authentium 5.1.0.4 2008.07.10 -
Avast 4.8.1195.0 2008.07.09 -
AVG 7.5.0.516 2008.07.10 -
BitDefender 7.2 2008.07.10 -
CAT-QuickHeal 9.50 2008.07.09 -
ClamAV 0.93.1 2008.07.10 -
DrWeb 4.44.0.09170 2008.07.10 -
eSafe 7.0.17.0 2008.07.09 -
eTrust-Vet 31.6.5943 2008.07.10 -
Ewido 4.0 2008.07.10 -
F-Prot 4.4.4.56 2008.07.10 -
F-Secure 7.60.13501.0 2008.07.10 -
Fortinet 3.14.0.0 2008.07.10 -
GData 2.0.7306.1023 2008.07.10 -
Ikarus T3.1.1.26.0 2008.07.10 -
Kaspersky 7.0.0.125 2008.07.10 -
McAfee 5335 2008.07.09 -
Microsoft 1.3704 2008.07.10 Trojan:Win32/Zlob.AQ.dll
NOD32v2 3258 2008.07.10 -
Norman 5.80.02 2008.07.10 -
Panda 9.0.0.4 2008.07.09 -
Prevx1 V2 2008.07.10 -
Rising 20.52.32.00 2008.07.10 -
Sophos 4.31.0 2008.07.10 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.10 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.10 -
VBA32 3.12.6.9 2008.07.10 -
VirusBuster 4.5.11.0 2008.07.10 -
Webwasher-Gateway 6.6.2 2008.07.10 -
weitere Informationen
File size: 180224 bytes
MD5...: 9329aea7203e4698729c5c27acbe8009
SHA1..: 576b0c8eab465b2c843acc681affba93b457f9e4
SHA256: 86af163ed0823bb150e565d643765ba502a0635a00332e6370b63bda5d90e2e0
SHA512: 41ac104489876179db4b9d9204b9d7eddb6779ec0d3f10633bd43cfe6955c260
5a83aefd20b05e223f4b2bd79b64bb06c8f270f3b468272d4992e536ac2a4755
PEiD..: -
PEInfo: PE Structure information

Von RichVideo:

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.7.10.0 2008.07.10 -
AntiVir 7.8.0.64 2008.07.10 -
Authentium 5.1.0.4 2008.07.10 -
Avast 4.8.1195.0 2008.07.09 -
AVG 7.5.0.516 2008.07.10 -
BitDefender 7.2 2008.07.10 -
CAT-QuickHeal 9.50 2008.07.10 -
ClamAV 0.93.1 2008.07.10 -
DrWeb 4.44.0.09170 2008.07.10 -
eSafe 7.0.17.0 2008.07.09 -
eTrust-Vet 31.6.5943 2008.07.10 -
Ewido 4.0 2008.07.10 -
F-Prot 4.4.4.56 2008.07.10 -
F-Secure 7.60.13501.0 2008.07.10 -
Fortinet 3.14.0.0 2008.07.10 -
GData 2.0.7306.1023 2008.07.10 -
Ikarus T3.1.1.26.0 2008.07.10 -
Kaspersky 7.0.0.125 2008.07.10 -
McAfee 5335 2008.07.09 -
Microsoft 1.3704 2008.07.10 -
NOD32v2 3258 2008.07.10 -
Norman 5.80.02 2008.07.10 -
Panda 9.0.0.4 2008.07.10 -
Prevx1 V2 2008.07.10 -
Rising 20.52.32.00 2008.07.10 -
Sophos 4.31.0 2008.07.10 -
Sunbelt 3.1.1509.1 2008.07.04 -
Symantec 10 2008.07.10 -
TheHacker 6.2.96.374 2008.07.07 -
TrendMicro 8.700.0.1004 2008.07.10 -
VBA32 3.12.6.9 2008.07.10 -
VirusBuster 4.5.11.0 2008.07.10 -
Webwasher-Gateway 6.6.2 2008.07.10 -
weitere Informationen
Tamano archivo: 229376 bytes
MD5...: 9fbc8bab5c0c9962399c6e06943fe8e5
SHA1..: 7cb3201b61513f254c96f2d02eb78583475b4c82
SHA256: e87aeb18981b0e7c66acd30e03f416a21b3f80a5930f4affe80234764731a3fe
SHA512: 337080a5b0c10eb8ca3c2156b0a9121015a1a8bfed0121dbbea705d26b2bad43
ec6cb1cce79dfdaccf2a4c6b4d1e23343d499d29deb77b397a214ee7c537a02b
PEiD..: -
PEInfo: PE Structure information

Hier von Malwarebytes:

Malwarebytes' Anti-Malware 1.20
Datenbank Version: 937
Windows 5.1.2600 Service Pack 2

22:00:27 10.07.2008
mbam-log-7-10-2008 (22-00-27).txt

Scan Art: Komplett Scan (C:\|D:\|)
Objekte gescannt: 108377
Scan Dauer: 18 minute(s), 32 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 1
Infizierte Registrierungsschlüssel: 13
Infizierte Registrierungswerte: 1
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
C:\WINDOWS\system32\AswBHO.dll (Trojan.BHO) -> Unloaded module successfully.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\aswbho.aswplugin (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f8ade252-1bba-4fc0-8a0c-3e6e164e13c8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{284aaad9-fdf9-49a3-93ed-9cae4aa26805} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{284aaad9-fdf9-49a3-93ed-9cae4aa26805} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb3b8af6-8886-4525-aae9-339da17e23c7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\aswbho.aswplugin.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\richvideocodec.videocodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0ef350a6-8af0-40b5-ade7-cb82fd02c3ae} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35da02a8-1d27-43eb-8088-3210521aa154} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4b2dbc9d-7d49-48f4-8ddc-1b15415ff253} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{926a61c9-5c20-4583-aca7-ace21088816e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{926a61c9-5c20-4583-aca7-ace21088816e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\richvideocodec.videocodec.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\TWUNK_16.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\system32\AswBHO.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\RichVideoCodec.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TWUNK_16.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

System error, attention, user

Plagegeister aller Art und deren Bekämpfung: System error, attention, user

System error, attention, user

Ähnliche Themen: System error, attention, user