| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Aus sicherheitsgründen ist ihr Windowssystem blockiert.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
22.11.2011, 21:03
| #10 |
| |  Aus sicherheitsgründen ist ihr Windowssystem blockiert. Also hier ist schon mal dieser shell (: WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe wininit.exe csrss.exe services.exe winlogon.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 19.11-12.21 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe wininit.exe csrss.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-19.25 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe wininit.exe csrss.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-19.32 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe wininit.exe csrss.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-20.11 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe csrss.exe wininit.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-20.19 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe wininit.exe csrss.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe svchost.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-20.25 ==== WIN_7 X86 Running from F:\ HKLM\..\Winlogon; Shell = explorer.exe [ Microsoft Corporation ] . . . HKCU\..\Winlogon; Shell not found . [System Process] System smss.exe csrss.exe csrss.exe wininit.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe svchost.exe cmd.exe conhost.exe ctfmon.exe srep.exe cmd.exe conhost.exe srep.exe HKLM\..\Run [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s HKLM\..\Run [QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime HKLM\..\Run [IMBooster] = C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\..\Run [] = HKLM\..\Run [ApnUpdater] = "C:\Program Files\Ask.com\Updater\Updater.exe" HKLM\..\Run [SunJavaUpdateSched] = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\..\Run [avgnt] = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min HKCU\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKCU\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKCU\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe HKU\.DEFAULT\..\Winlogon; Shell = HKU\S-1-5-19\..\Winlogon; Shell = HKU\S-1-5-20\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Winlogon; Shell = HKU\S-1-5-21-3101594506-4248310904-250478768-1000_Classes\..\Winlogon; Shell = HKU\S-1-5-18\..\Winlogon; Shell = HKU\S-1-5-19\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\..\Run [Sidebar] = %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [msnmsgr] = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Google Update] = "C:\Users\Edvinas\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3101594506-4248310904-250478768-1000\..\Run [{EADF27DE-EEB6-11DF-9731-806E6F6E6963}] = C:\Users\Edvinas\AppData\Roaming\Microsoft\svhcost.exe ==== FINISH 21.11-20.36 ==== |
| Themen zu Aus sicherheitsgründen ist ihr Windowssystem blockiert. |
| 50 euro, 50 euro zahlen, ahnung, angemeldet, angst, anleitung, bildschirm, blockiert, brauche, daten, daten löschen, einfach, euro, gestern, greifen, hochfahren, hoffe, lieber, löschen, meldung, menschen, notebook, schonmal, sicherheitsgründe, verzweifelt, viren, virus, windowssystem, wirklich, zahlen |
Baum-Darstellung