Log analysis and evaluation: TR/Spy.Lurk.21 and JAVA/Jogek.auk.1 found multiple times

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
/// Helper team

Quote:
Incidentally, we recommend Malwarebytes Anti-Malware. Quote:
...because of the computer's slowness, let's take another look:
Code:
reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" /c
reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s /c

#2
Well, during the first scan I overlooked that Extra Registry should have been set to Use SafeList. Was Off OK as well? Otherwise I'll just run the procedure again.

OTL Logfile:
Code:
OTL logfile created on: 08.05.2013 16:01:09 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\DVB.VIKTOR-3\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,23 Mb Total Physical Memory | 636,88 Mb Available Physical Memory | 62,24% Memory free
4,90 Gb Paging File | 4,54 Gb Available in Paging File | 92,62% Paging File free
Paging file location(s): D:\pagefile.sys 4096 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 40,00 Gb Total Space | 9,32 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 2,94 Gb Free Space | 29,39% Space Free | Partition Type: NTFS
Drive E: | 415,75 Gb Total Space | 1,64 Gb Free Space | 0,39% Space Free | Partition Type: NTFS
Computer Name: VIKTOR-3 | User Name: DVB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\SCSI\SCSI PORT 0
DMAEnabled REG_DWORD 0x0
Driver REG_SZ atapi
< reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}
Class REG_SZ hdc
<NO NAME> REG_SZ IDE ATA/ATAPI-Controller
Icon REG_SZ -9
Installer32 REG_SZ SysSetup.Dll,HdcClassInstaller
TroubleShooter-0 REG_SZ hcp://help/tshoot/tsdrive.htm
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000
InfPath REG_SZ ich5ide.inf
InfSection REG_SZ intelide
ProviderName REG_SZ Intel
DriverDateData REG_BINARY 00C0F30B29BCC201
DriverDate REG_SZ 1-15-2003
DriverVersion REG_SZ 5.0.1007.0
MatchingDeviceId REG_SZ pci\ven_8086&dev_24d1
DriverDesc REG_SZ Intel(R) 82801EB Ultra ATA Storage Controllers
MasterOnMask REG_DWORD 0x80
MasterOnConfigOffset REG_DWORD 0x41
SlaveOnMask REG_DWORD 0x80
SlaveOnConfigOffset REG_DWORD 0x43
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001
InfPath REG_SZ ich5ide.inf
InfSection REG_SZ intelide
ProviderName REG_SZ Intel
DriverDateData REG_BINARY 00C0F30B29BCC201
DriverDate REG_SZ 1-15-2003
DriverVersion REG_SZ 5.0.1007.0
MatchingDeviceId REG_SZ pci\ven_8086&dev_24db
DriverDesc REG_SZ Intel(R) 82801EB Ultra ATA Storage Controllers
MasterOnMask REG_DWORD 0x80
MasterOnConfigOffset REG_DWORD 0x41
SlaveOnMask REG_DWORD 0x80
SlaveOnConfigOffset REG_DWORD 0x43
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002
EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst_primary
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 008062C5C001C101
DriverDate REG_SZ 7-1-2001
DriverVersion REG_SZ 5.1.2600.1106
MatchingDeviceId REG_SZ primary_ide_channel
DriverDesc REG_SZ Primärer IDE-Kanal
MasterDeviceType REG_DWORD 0x0
SlaveDeviceType REG_DWORD 0x0
MasterDeviceTimingMode REG_DWORD 0x0
SlaveDeviceTimingMode REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0003
EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst_secondary
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 008062C5C001C101
DriverDate REG_SZ 7-1-2001
DriverVersion REG_SZ 5.1.2600.1106
MatchingDeviceId REG_SZ secondary_ide_channel
DriverDesc REG_SZ Sekundärer IDE-Kanal
MasterDeviceType REG_DWORD 0x2
SlaveDeviceType REG_DWORD 0x0
MasterDeviceTimingMode REG_DWORD 0x10
SlaveDeviceTimingMode REG_DWORD 0x0
SlaveDeviceTimingModeAllowed REG_DWORD 0xffffffff
SlaveIdDataCheckSum REG_DWORD 0x879b
SlaveDeviceDetectionTimeout REG_DWORD 0x1
MasterDeviceTimingModeAllowed REG_DWORD 0xffffffff
MasterIdDataCheckSum REG_DWORD 0xc397
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0004
EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst_primary
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 008062C5C001C101
DriverDate REG_SZ 7-1-2001
DriverVersion REG_SZ 5.1.2600.1106
MatchingDeviceId REG_SZ primary_ide_channel
DriverDesc REG_SZ Primärer IDE-Kanal
MasterDeviceType REG_DWORD 0x1
SlaveDeviceType REG_DWORD 0x0
SlaveDeviceDetectionTimeout REG_DWORD 0x1
MasterDeviceTimingMode REG_DWORD 0x10
MasterDeviceTimingModeAllowed REG_DWORD 0x1f
MasterIdDataCheckSum REG_DWORD 0x5c55
SlaveDeviceTimingMode REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0005
EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst_secondary
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 008062C5C001C101
DriverDate REG_SZ 7-1-2001
DriverVersion REG_SZ 5.1.2600.1106
MatchingDeviceId REG_SZ secondary_ide_channel
DriverDesc REG_SZ Sekundärer IDE-Kanal
MasterDeviceType REG_DWORD 0x0
SlaveDeviceType REG_DWORD 0x0
MasterDeviceTimingMode REG_DWORD 0x0
SlaveDeviceTimingMode REG_DWORD 0x0
SlaveDeviceDetectionTimeout REG_DWORD 0x1
MasterDeviceTimingModeAllowed REG_DWORD 0xffffffff
MasterIdDataCheckSum REG_DWORD 0x17145
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties
< >
< End of report >
--- --- ---
THANKS in advance