
Log analysis and evaluation: Help, suspected BehavesLike

13.12.2006, 19:10   #1
Sil-555



Hello everyone,
I need some advice and your help.
My Bitdefender spat out the following:

Zusammenfassung:

<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DIRECTPUPH\ImagePath=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DIRECTPUPH\DisplayName=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\DIRECTPUPH\ImagePath=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\DIRECTPUPH\DisplayName=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\DIRECTPUPH\ImagePath=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\DIRECTPUPH\DisplayName=>C:\WINDOWS\SYSTEM32\DIRECTX.EXE Verdächtig BehavesLike:Win32.AV-Killer
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Entdeckt: magne3t
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Gelöscht
<System> Update
C:\Programme\DAEMON Tools\SetupDTSB.exe Entdeckt: Application.Adware.Savenow.G
C:\Programme\DAEMON Tools\SetupDTSB.exe Desinfizieren fehlgeschlagen
C:\Programme\DAEMON Tools\SetupDTSB.exe Verschoben
C:\WINDOWS\Debug\explorer.exe Verdächtig BehavesLike:Win32.AV-Killer
C:\WINDOWS\system32\directx.exe Verdächtig BehavesLike:Win32.AV-Killer
--------------------------------------------------------------------------------
Is this bad, or can one live with it?
And how do I get rid of it?
----------------------------------
I have attached my logfile:

Logfile of HijackThis v1.99.1
Scan saved at 19:57:51, on 13.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\htpatch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Softwin\BitDefender10\bdmcon.exe
C:\Programme\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\divx.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programme\FinePixViewer\QuickDCF2.exe
C:\Dokumente und Einstellungen\Sil-555\Startmenü\Programme\Autostart\ppbe.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\svchost.exe
F:\Kozöl\eMule-v0.47a\emule.exe
C:\WINDOWS\explorer.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
C:\Programme\Softwin\BitDefender10\vsserv.exe
C:\Programme\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w*w.google.de/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6747781e-d68c-420e-a8ce-590484cd5d9d} - C:\WINDOWS\system32\yiyg.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Übersetzer - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - C:\Programme\PRMT6\PRMTIE\prmtie.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\Dbox2\LogoViewer\LogoViewer_V040_Setup\TuxBox LogoViewer\MSDXM.OCX
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~2\bdswitch.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Exif Initializer Ver.1.0] C:\Programme\FUJIFILM\Exif Initializer Ver.1.0\EXIFINIT.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DivX Professional Update] divx.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Programme\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Programme\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\RunServices: [DivX Professional Update] divx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DivX Professional Update] divx.exe
O4 - Startup: ppbe.exe
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: Exif Launcher 2.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Programme\PRMT6\PRMTIE\prmtie5.htm
O9 - Extra 'Tools' menuitem: Übersetzen - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Programme\PRMT6\PRMTIE\prmtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Programme\PRMT6\PRMTIE\options.htm
O9 - Extra 'Tools' menuitem: Übersetzungsoptionen anpassen - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Programme\PRMT6\PRMTIE\options.htm
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://w*w.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{148C22FB-064F-49D8-8BB7-C67DCCA2A8B8}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\..\{36F539B1-8CB4-47AD-92CC-493F02CE4566}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D1F0864-4C4F-4D7B-979A-127E4ED357E2}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\..\{EEAB8D30-F139-40BE-83E6-8E6FC04D14D0}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFD9E18D-4149-4A9E-94E2-A4F4C02A63F7}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.43 85.255.112.185
O17 - HKLM\System\CS1\Services\Tcpip\..\{148C22FB-064F-49D8-8BB7-C67DCCA2A8B8}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.43 85.255.112.185
O17 - HKLM\System\CS2\Services\Tcpip\..\{148C22FB-064F-49D8-8BB7-C67DCCA2A8B8}: NameServer = 85.255.115.43,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.43 85.255.112.185
O20 - Winlogon Notify: ldr64 - ldr64.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe (file missing)
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe (file missing)
O23 - Service: CyberLink Media Library Service - Unknown owner - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (file missing)
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing)
O23 - Service: DirectX Service (DirectPuph) - Unknown owner - C:\WINDOWS\system32\directx.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)


----------------------------------
Thanks,
if anyone can say something about this....

Edited by Sil-555 (13.12.2006 at 20:08)

13.12.2006, 19:19   #2
Sunny
Administrator
> Competence Manager



Hello.

Quote:
Is this bad, or can one live with it?
And how do I get rid of it?

That depends entirely; have the following files checked at Virustotal. Then post the result: select everything, copy it and paste it into a post here:

Quote:
C:\WINDOWS\system32\divx.exe
C:\WINDOWS\system32\yiyg.dll
C:\Dokumente und Einstellungen\Sil-555\Startmenü\Programme\Autostart\ppbe.exe (<- unless you know the program/software)
C:\WINDOWS\SYSTEM32\DIRECTX.EXE

Also, your Hijack log is not complete, the lower part is missing! Please create a new one and edit your post.

Regards,
Sunny

13.12.2006, 21:08   #3
Sil-555



STATUS: FINISHED
Complete scanning result of "DivX.dll", received in VirusTotal at 12.13.2006, 20:29:32 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 no virus found
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 no virus found
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 no virus found
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 no virus found
F-Prot 3.16f 12.12.2006 no virus found
F-Prot4 4.2.1.29 12.13.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4918 12.13.2006 no virus found
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 Suspicious file
Prevx1 V2 12.13.2006 no virus found
Sophos 4.12.0 12.13.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 no virus found
VirusBuster 4.3.15:9 12.13.2006 no virus found
-----------------------------------------------------------------------

STATUS: FINISHED
Complete scanning result of "yiyg.dll", received in VirusTotal at 12.13.2006, 20:37:52 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 TR/Spy.Agen.10717.A
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 no virus found
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 no virus found
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 no virus found
F-Prot 3.16f 12.12.2006 no virus found
F-Prot4 4.2.1.29 12.13.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4918 12.13.2006 no virus found
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 no virus found
Prevx1 V2 12.13.2006 no virus found
Sophos 4.12.0 12.13.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 no virus found
VirusBuster 4.3.15:9 12.13.2006 no virus found
----------------------------------------------------------------

STATUS: FINISHED
Complete scanning result of "divx.exe", received in VirusTotal at 12.13.2006, 20:43:25 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 no virus found
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 no virus found
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 no virus found
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 suspicious
F-Prot 3.16f 12.13.2006 no virus found
F-Prot4 4.2.1.29 12.13.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4918 12.13.2006 no virus found
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 W32/Gaobot.JAR.worm
Prevx1 V2 12.13.2006 no virus found
Sophos 4.12.0 12.13.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 suspected of Trojan-PSW.LdPinch.36 (paranoid heuristics)
VirusBuster 4.3.15:9 12.13.2006 no virus found
-----------------------------------------------------------------

STATUS: FINISHED
Complete scanning result of "ppbe.exe", received in VirusTotal at 12.13.2006, 20:46:50 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 TR/Spy.Agen.10717.B
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 suspicious
F-Prot 3.16f 12.13.2006 no virus found
F-Prot4 4.2.1.29 12.13.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4918 12.13.2006 no virus found
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 no virus found
Prevx1 V2 12.13.2006 no virus found
Sophos 4.12.0 12.13.2006 Mal/Packer
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 no virus found
VirusBuster 4.3.15:9 12.13.2006 no virus found
-------------------------------------------------------------

STATUS: FINISHED
Complete scanning result of "DIRECTX.EXE", received in VirusTotal at 12.13.2006, 20:49:58 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 no virus found
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 no virus found
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 no virus found
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 no virus found
F-Prot 3.16f 12.13.2006 no virus found
F-Prot4 4.2.1.29 12.13.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4918 12.13.2006 no virus found
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 no virus found
Prevx1 V2 12.13.2006 no virus found
Sophos 4.12.0 12.13.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 no virus found
VirusBuster 4.3.15:9 12.13.2006 no virus found
----------------------------------

I don't know the program ppbe.exe

14.12.2006, 17:48   #4
Sil-555



To [Gc]Sunny:
Sorry that I did not thank you for the answer.
It went so fast. I was shocked. I did not expect it.
Thanks.

14.12.2006, 18:16   #5
myrtille
/// TB Trainer



Hi,
I'm afraid you will have to scan all the files again, at least those for which no virus was found.
It is important to know how large the scanned files are. So if you could please do that once more.

Regards, myrtille


14.12.2006, 19:34   #6
Sil-555



Here it is once more:


STATUS: FINISHED
Complete scanning result of "divx.exe", received in VirusTotal at 12.14.2006, 18:46:08 (CET).
Antivirus Version Update Result
AntiVir -no virus found
Authentium -no virus found
Avast -no virus found
AVG -no virus found
BitDefender -no virus found
CAT-QuickHeal -no virus found
ClamAV devel -no virus found
DrWeb -no virus found
eSafe -no virus found
eTrust-InoculateIT -no virus found
eTrust-Vet -no virus found
Ewido -no virus found
Fortinet -suspicious
F-Prot -no virus found
F-Prot4 -no virus found
Ikarus -no virus found
Kaspersky -no virus found
McAfee 4919 -no virus found
Microsoft -no virus found
NOD32v2 -no virus found
Norman -no virus found
Panda -W32/Gaobot.JAR.worm
Prevx1 -no virus found
Sophos -no virus found
Sunbelt -VIPRE.Suspicious
TheHacker -no virus found
UNA -no virus found
VBA32 -suspected of Trojan-PSW.LdPinch.36 (paranoid heuristics)
VirusBuster -no virus found
Aditional Information
File size: 1571328 bytes
MD5: 3055bfc3a414e5ad0c2aa54aeb9cfc8e
SHA1: 69ef0496e6845c4252edbfb0159e3b509b9547c8
packers: Themida
------------------------------------------------
STATUS: FINISHED
Complete scanning result of "yiyg.dll", received in VirusTotal at 12.14.2006, 18:53:13 (CET).
Antivirus -Version Update Result
AntiVir -TR/Spy.Agen.10717.A
Authentium - no virus found
Avast -no virus found
AVG -no virus found
BitDefender -no virus found
CAT-QuickHeal - no virus found
ClamAV devel- no virus found
DrWeb -no virus found
eSafe -no virus found
eTrust-InoculateIT - no virus found
eTrust-Vet -no virus found
Ewido 4.0 -no virus found
Fortinet -no virus found
F-Prot 3.16f -no virus found
F-Prot4 - no virus found
Ikarus - no virus found
Kaspersky -no virus found
McAfee 4919 -no virus found
Microsoft -no virus found
NOD32v2 1921 -no virus found
Norman -no virus found
Panda -no virus found
Prevx1 V2 -no virus found
Sophos -no virus found
Sunbelt -no virus found
TheHacker -no virus found
UNA - no virus found
VBA32 - no virus found
VirusBuster - no virus found
Aditional Information
File size: 12288 bytes
MD5: 0ebbb41ca4ab30c79ce4d894fe302419
SHA1: e0fc4c2cedcef6d4ef6258214a745273f4cc693d
---------------------------------------------------
STATUS: FINISHED
Complete scanning result of "ppbe.exe", received in VirusTotal at 12.14.2006, 19:01:50 (CET).
Antivirus Version Update Result
AntiVir - TR/Spy.Agen.10717.B
Authentium - no virus found
Avast - no virus found
AVG - no virus found
BitDefender - no virus found
CAT-QuickHeal -(Suspicious) - DNAScan
ClamAV devel-- no virus found
DrWeb - no virus found
eSafe - Suspicious TrojAn/Worm
eTrust-InoculateIT -no virus found
eTrust-Vet - no virus found
Ewido - no virus found
Fortinet -suspicious
F-Prot - no virus found
F-Prot4 - no virus found
Ikarus - no virus found
Kaspersky - no virus found
McAfee - no virus found
Microsoft - no virus found
NOD32v2 - no virus found
Norman - no virus found
Panda - no virus found
Prevx1 - no virus found
Sophos - Mal/Packer
Sunbelt - VIPRE.Suspicious
TheHacker - no virus found
UNA -no virus found
VBA32 -no virus found
VirusBuster -no virus found
Aditional Information
File size: 10717 bytes
MD5: 73c3f06d6724d237d8892c053b45a75f
SHA1: 159e504b2b656fb1c3158ce9e9db485a2219c930
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
------------------------------------------

STATUS: FINISHED
Complete scanning result of "DIRECTX.EXE", received in VirusTotal at 12.14.2006, 19:06:40 (CET).
Antivirus Version Update Result
AntiVir - no virus found
Authentium - no virus found
Avast - no virus found
AVG - no virus found
BitDefender - no virus found
CAT-QuickHeal - no virus found
ClamAV devel-- no virus found
DrWeb - no virus found
eSafe - no virus found
eTrust-InoculateIT - no virus found
eTrust-Vet - no virus found
Ewido - no virus found
Fortinet - no virus found
F-Prot - no virus found
F-Prot4 - no virus found
Ikarus - no virus found
Kaspersky - no virus found
McAfee - no virus found
Microsoft - no virus found
NOD32v2 - no virus found
Norman - no virus found
Panda - no virus found
Prevx1 - no virus found
Sophos - no virus found
Sunbelt - no virus found
TheHacker - no virus found
UNA - no virus found
VBA32 - no virus found
VirusBuster - no virus found
Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709

Strange, DIRECTX.EXE has 0 bytes here,
but on the disk it is 60.0 kb
and it cannot be copied:
the source file cannot be read
