Internet zu langsam!/Google leitet auf falsche Seiten!->Wurm?

#0
04.02.2009, 21:19
...neu hier

Beiträge: 4
#1 Hallo Leute!
Ich hoffe ich folge den genannten Anweisungen richtig! ;)

Seit neustem braucht mein Laptop sehr lange um Internet-Seiten aufzubauen, die Download-Geschwindigkeit ist horrormäßig schlecht (Ich konnt kaum die Programme für die Logs runterladen) und ich werde öfters auf Ebay umgeleitet wenn ich bei Google etwas suche. Ausserdem braucht mein Laptop sehr lange beim Runterfahren.

Hier sind erstmal die verschiedenen Logs:




Malwarebytes' Anti-Malware 1.33
Datenbank Version: 1728
Windows 6.0.6001 Service Pack 1

04.02.2009 21:08:41
mbam-log-2009-02-04 (21-08-41).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 47544
Laufzeit: 1 minute(s), 55 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)







ComboFix 09-02-04.01 - Kev-O 2009-02-04 20:52:27.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1031.18.3070.1884 [GMT 1:00]
ausgeführt von:: c:\users\Kev-O\Downloads\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Kev-O\AppData\Roaming\.#

.
((((((((((((((((((((((( Dateien erstellt von 2009-01-04 bis 2009-02-04 ))))))))))))))))))))))))))))))
.

2009-02-04 20:31 . 2009-02-04 20:31 <DIR> d-------- c:\users\Kev-O\AppData\Roaming\Malwarebytes
2009-02-04 20:31 . 2009-02-04 20:31 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-02-04 20:31 . 2009-02-04 20:31 <DIR> d-------- c:\programdata\Malwarebytes
2009-02-04 20:31 . 2009-02-04 20:37 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-04 20:31 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-04 20:31 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-04 19:49 . 2009-02-04 19:49 <DIR> d-------- c:\program files\Trend Micro
2009-02-04 16:40 . 2009-02-04 16:40 <DIR> d-------- c:\program files\TVTool
2009-02-02 22:36 . 2009-02-02 22:36 <DIR> d-------- c:\users\All Users\Apple Computer
2009-02-02 22:36 . 2009-02-02 22:36 <DIR> d-------- c:\programdata\Apple Computer
2009-02-02 22:36 . 2009-02-02 22:37 <DIR> d-------- c:\program files\QuickTime
2009-01-30 16:33 . 2009-01-30 16:34 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-30 14:41 . 2009-01-30 14:41 <DIR> d-------- c:\program files\Bethesda Softworks
2009-01-30 14:37 . 2009-01-30 14:37 <DIR> d-------- c:\windows\System32\xlive
2009-01-30 14:19 . 2009-01-30 14:19 <DIR> d-------- c:\users\Kev-O\AppData\Roaming\DAEMON Tools Pro
2009-01-30 14:19 . 2009-01-30 14:19 <DIR> d-------- c:\users\Kev-O\AppData\Roaming\DAEMON Tools Lite
2009-01-30 14:19 . 2009-01-30 14:19 <DIR> d-------- c:\users\All Users\DAEMON Tools Lite
2009-01-30 14:19 . 2009-01-30 14:19 <DIR> d-------- c:\programdata\DAEMON Tools Lite
2009-01-30 14:19 . 2009-01-30 15:08 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-01-28 10:52 . 2009-01-28 10:52 <DIR> d-------- c:\users\Public\blobby volley
2009-01-15 23:19 . 2009-01-15 23:19 <DIR> d-------- c:\users\All Users\WindowsSearch
2009-01-15 23:19 . 2009-01-15 23:19 <DIR> d-------- c:\programdata\WindowsSearch
2009-01-15 08:21 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-05 16:18 . 2009-01-05 16:18 90,112 --a------ c:\windows\System32\QuickTimeVR.qtx
2009-01-05 16:18 . 2009-01-05 16:18 57,344 --a------ c:\windows\System32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-04 19:50 --------- d-----w c:\programdata\Sophos
2009-02-04 19:50 --------- d-----w c:\program files\Sophos
2009-02-04 18:22 80,665 ----a-w c:\users\All Users\nvModes.dat
2009-02-04 18:22 80,665 ----a-w c:\programdata\nvModes.dat
2009-02-04 14:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-30 13:19 --------- d-----w c:\users\Kev-O\AppData\Roaming\DAEMON Tools
2009-01-15 11:33 --------- d-----w c:\program files\Windows Mail
2009-01-09 13:04 --------- d-----w c:\users\Kev-O\AppData\Roaming\dvdcss
2009-01-08 12:05 --------- d-----w c:\program files\Google
2008-12-31 18:52 --------- d-----w c:\program files\Mozilla Thunderbird
2008-12-30 14:20 --------- d-----w c:\users\Kev-O\AppData\Roaming\Thunderbird
2008-12-14 06:30 --------- d-----w c:\users\Kev-O\AppData\Roaming\ICQ
2008-12-12 17:39 --------- d-----w c:\program files\DVDVideoSoft
2008-12-12 17:39 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2008-12-12 17:39 --------- d-----w c:\program files\AskBarDis
2008-11-14 07:43 107,888 ----a-w c:\windows\System32\CmdLineExt.dll
2008-11-14 07:40 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-11-14 07:40 22,328 ----a-w c:\users\Kev-O\AppData\Roaming\PnkBstrK.sys
2008-11-14 07:40 2,250,024 ----a-w c:\windows\System32\pbsvc.exe
2008-11-14 07:40 107,832 ----a-w c:\windows\System32\PnkBstrB.exe
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 10:32 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-08 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]
"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]
"UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"SAFEHOME HotKeys"="c:\programme\Steganos Safe Home\SteganosHotKeyService.exe" [2007-03-21 25088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 c:\windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2008-06-25 c:\windows\SkyTel.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk
backup=c:\windows\pss\AutoUpdate Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 17:07 1828136 c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Packard Bell Data Secure]
--a------ 2006-06-20 14:15 2361856 c:\programme\Packard Bell Data Secure\PBDataSecure.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0F47084A-C3E6-4524-8008-397409F71DFD}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{96EE7343-328E-460B-B372-2B36D01EE775}"= c:\program files\HomeCinema\MakeDisc\MakeDisc.exe:CyberLink MakeDisc
"{C7502F25-D77E-45AC-A118-9FB6F5CFC59F}"= c:\program files\HomeCinema\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{9CC3C7EF-F2CA-4D14-AC98-1E1B6AAF8A54}"= c:\program files\HomeCinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"TCP Query User{8D8273E0-E3CC-453A-82DE-A93440537ED7}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{133A4154-0465-42D2-861A-55E5EB5AE9D2}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{B21E97FF-1473-45DB-818E-5B79DB0E922F}c:\\program files\\microsoft games\\age of empires ii trial\\empires2.exe"= UDP:c:\program files\microsoft games\age of empires ii trial\empires2.exe:Age of Empires II
"UDP Query User{2DA0DE4C-E782-447B-A1CB-27FA9D18F666}c:\\program files\\microsoft games\\age of empires ii trial\\empires2.exe"= TCP:c:\program files\microsoft games\age of empires ii trial\empires2.exe:Age of Empires II
"TCP Query User{E7781EC0-723F-479C-8B8C-2627E4493C40}c:\\program files\\microsoft games\\worms armageddon\\wa.exe"= UDP:c:\program files\microsoft games\worms armageddon\wa.exe:Worms Armageddon
"UDP Query User{6D46EDF1-BB62-47B6-B084-E0592F57FE28}c:\\program files\\microsoft games\\worms armageddon\\wa.exe"= TCP:c:\program files\microsoft games\worms armageddon\wa.exe:Worms Armageddon
"TCP Query User{E4265784-4E5B-4C4D-B308-E50C507FFFAF}c:\\team17\\worms world party\\wwp.exe"= UDP:c:\team17\worms world party\wwp.exe:Worms World Party
"UDP Query User{5E6033CF-6871-4C7A-9994-DAF7771C9300}c:\\team17\\worms world party\\wwp.exe"= TCP:c:\team17\worms world party\wwp.exe:Worms World Party
"{C8E0CBDF-3A60-47FD-8096-9981A74E9B88}"= UDP:c:\windows\System32\PnkBstrA.exe:pnkBstrA
"{06CDF0AF-FF6F-42E4-B509-33308304F1D1}"= TCP:c:\windows\System32\PnkBstrA.exe:pnkBstrA
"{EF1DBEA2-409B-4DF9-BA94-3626B033107C}"= UDP:c:\windows\System32\PnkBstrB.exe:pnkBstrB
"{BB969C9C-008B-4696-80B5-F55B87E731F8}"= TCP:c:\windows\System32\PnkBstrB.exe:pnkBstrB
"TCP Query User{DE78C5B0-E568-41E5-8806-A19C04110169}c:\\users\\kev-o\\download\\war_vo_german.exe"= UDP:c:\users\kev-o\download\war_vo_german.exe:war_vo_german.exe
"UDP Query User{81775244-6086-4C29-AA23-ACCC17B5123A}c:\\users\\kev-o\\download\\war_vo_german.exe"= TCP:c:\users\kev-o\download\war_vo_german.exe:war_vo_german.exe
"TCP Query User{D9D57276-FB0C-4B05-B984-21118FEFC514}c:\\users\\kev-o\\downloads\\war_vo_german.exe"= UDP:c:\users\kev-o\downloads\war_vo_german.exe:war_vo_german.exe
"UDP Query User{5434BECE-623D-4712-AEF3-13BE5210849B}c:\\users\\kev-o\\downloads\\war_vo_german.exe"= TCP:c:\users\kev-o\downloads\war_vo_german.exe:war_vo_german.exe
"{66640912-3DE5-4AE0-93D5-6D62A3DDBCDD}"= UDP:c:\warhammer online - age of reckoning\warpatch.exe:Warhammer Online - Age of Reckoning
"{0A9BB6BF-D46B-4473-B118-0EA7C6000F2E}"= TCP:c:\warhammer online - age of reckoning\warpatch.exe:Warhammer Online - Age of Reckoning
"TCP Query User{8EBB42A6-AB2D-48B9-B778-771CF50538D7}c:\\users\\kev-o\\desktop\\blobby volley\\volley.exe"= UDP:c:\users\kev-o\desktop\blobby volley\volley.exe:volley.exe
"UDP Query User{290CF166-755E-41A8-9C7A-6587C27D8892}c:\\users\\kev-o\\desktop\\blobby volley\\volley.exe"= TCP:c:\users\kev-o\desktop\blobby volley\volley.exe:volley.exe
"TCP Query User{F7C312E2-9E5C-402C-AC1D-D75480CF00F5}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer
"UDP Query User{2B6C9790-7F20-4FAE-86C1-CB5AC8EA23F0}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer

R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [2007-06-01 210736]
R1 Hotkey;Hotkey;c:\windows\System32\drivers\HOTKEY.sys [2008-07-17 9867]
R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];c:\windows\System32\drivers\sleen15.sys [2007-02-21 13:33:54 80232]
R1 tvtool;tvtool;c:\program files\TVTool\TVTOOL.SYS [1996-04-03 5248]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2008-09-23 222456]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2008-07-17 118784]

--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - kbdqlck
*Deregistered* - sptd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0492b2de-8e19-11dd-b4c0-001f160295d6}]
\shell\AutoRun\command - H:\FalloutLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4381fd75-9690-11dd-86f2-001f160295d6}]
\shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77efff6d-8ec1-11dd-b63a-001f160295d6}]
\shell\AutoRun\command - I:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f1e92ba-cc1a-11dd-86e4-001f160295d6}]
\shell\AutoRun\command - J:\LaunchU3.exe -a
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-WinampAgent - c:\programme\Winamp\winampa.exe


.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.web.de/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4
FF - ProfilePath - c:\users\Kev-O\AppData\Roaming\Mozilla\Firefox\Profiles\a0h8oh71.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- FIREFOX Richtlinien ----
FF - user.js: network.prefetch-next - false
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.word_select.eat_space_to_next_word - false
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-04 20:54:03
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(4980)
c:\program files\Softex\OmniPass\SCUREDLL.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
Zeit der Fertigstellung: 2009-02-04 20:55:53
ComboFix-quarantined-files.txt 2009-02-04 19:55:51

Vor Suchlauf: 23 Verzeichnis(se), 171.958.325.248 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 172,205,170,688 Bytes frei

193 --- E O F --- 2009-02-03 08:42:32





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:01, on 04.02.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Windows\System32\rundll32.exe
C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SAFEHOME HotKeys] "C:\Programme\Steganos Safe Home\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O13 - Gopher Prefix:
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 7864 bytes




3531-W-D
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9 - Deutsch
Adobe Shockwave Player 11
Apple Software Update
Ashampoo PowerUp 3.22
Ask Toolbar
AuthenTec Fingerprint Sensor Minimum Install
AviSynth 2.5
CCleaner (remove only)
Command & Conquer™ Alarmstufe Rot 3
Compatibility Pack für 2007 Office System
CyberLink PowerDirector
CyberLink PowerProducer
CyberLink PowerProducer
CyberLink YouCam
Fallout 3
Free YouTube to Mp3 Converter version 3.1
Google Toolbar for Internet Explorer
Hamachi 1.0.3.0
HijackThis 2.0.2
ICQ Toolbar
ICQ6
Inst5657
Intel(R) Matrix Storage Manager
Java(TM) 6 Update 7
K-Lite Codec Pack 4.1.4 (Standard)
Launch Manager V1.4.9
Letstrade
LetsTrade Komponenten
MakeDisc
Malwarebytes' Anti-Malware
MediaShow
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mission Pack
Mozilla Firefox (3.0.5)
Mozilla Thunderbird (2.0.0.19)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Nero 8 Essentials
neroxml
NVIDIA Drivers
OmniPass 5.00.91
Packard Bell Data Secure
PhotoNow!
PowerDVD
PunkBuster Services
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
SecureW2 EAP Suite 1.0.6 for Windows
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Steganos Safe Home 2007
Synaptics Pointing Device Driver
Total Commander (Remove or Repair)
TVTool
Ulead PhotoImpact 12
Uninstall 1.0.0.1
VLC media player 0.9.4
Warhammer Online: Age of Reckoning
Winamp
Windows Live Anmelde-Assistent
Windows Live installer
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR
Worms World Party
Worms World Party Mission Editor


So, ich hoffe, dass das zu alles war, was benötigt wird um mir zu helfen ;)
Ich bin nicht grad ein COmputer-Crack, also seid umsichtig mit mir, falls ich schwer von Begriff bin ;)
Danke schonmal für eure Hilfe!

Gruß
Kev
Seitenanfang Seitenende
05.02.2009, 07:57
Ehrenmitglied
Avatar Argus

Beiträge: 6028
#2 Entferne via Software Ask Toolbar und auf c:\program files\AskBarDis

Start > Ausführen> Kopiere rein ComboFix /U OK

Scanne dein Rechner mit SuperAntispyware
http://board.protecus.de/t31252-1.htm
__________
MfG Argus
Seitenanfang Seitenende
05.02.2009, 09:52
...neu hier

Themenstarter

Beiträge: 4
#3 Hier ist der ScanLog von SuperAntiSpyware, aber Internet ist immernoch Ar***-Langsam ....;)

Kann was anderes noch daran schuld sein?


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/05/2009 at 09:21 AM

Application Version : 4.25.1012

Core Rules Database Version : 3744
Trace Rules Database Version: 1712



Danke für die Antwort schonmal!

Scan type : Complete Scan
Total Scan Time : 00:19:20

Memory items scanned : 631
Memory threats detected : 0
Registry items scanned : 7865
Registry threats detected : 2
File items scanned : 24438
File threats detected : 134

Adware.Tracking Cookie
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@serving-sys[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@webmasterplan[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@ad.zanox[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@tradedoubler[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@zbox.zanox[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@advertising[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@mediaplex[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@bs.serving-sys[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@adserver.71i[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@apmebf[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@adfarm1.adition[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@at.atwola[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@tacoda[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@ad.71i[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@sevenoneintermedia.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@atwola[3].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@de2.komtrack[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@doubleclick[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@zbox.zanox[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@tradedoubler[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@adserver.71i[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\kev-o@atwola[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@track.adform[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[6].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[5].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[4].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[7].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.googleadservices[3].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@casalemedia[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@media.adrevolver[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@e-2dj6wgk4opazwdo.stats.esomniture[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ddl-warez[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@collective-media[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ehg-foxmovies.hitbox[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.usenext[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@googleadservices[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@overture[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tribalfusion[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.yieldmanager[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@fastclick[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.media2.elbenwald[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@serving-sys[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.zanox[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@im.banner.t-online[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.salebroker[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@linksynergy[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tracking.quisma[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@stats.paypal[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@hitbox[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@mediaplex[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.zanox-affiliate[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@microsoftwindows.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@doubleclick[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.quartermedia[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@e-2dj6wfk4ckajeeo.stats.esomniture[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@clickcash[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@a7.adserver01[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.71i[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@bluestreak[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adserver.71i[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.ambiweb[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.sportwerk[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@a2.adserver01[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.pointroll[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@rotator.adjuggler[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@deutschepostag.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@zanox-affiliate[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@indextools[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@atdmt[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.netdebit-counter[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@eas.apm.emediate[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@arcor.122.2o7[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adtech[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@hbxtracking.sueddeutsche[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@e-2dj6wfmiagc5gcq.stats.esomniture[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.getmobile[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@content.yieldmanager[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@content.yieldmanager[3].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@imrworldwide[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tracking.the7thchamber[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.etracker[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@e-2dj6wdkoujcpmbo.stats.esomniture[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@stat.dealtime[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@smartadserver[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adfarm1.adition[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@komtrack[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@statcounter[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@track.webtrekk[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@track.webtrekk[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.adnet[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@de2.komtrack[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@statse.webtrendslive[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@specificclick[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.planetactive[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@dealtime[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ad.ad-srv[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adopt.euroclick[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tacoda[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@lokalportal24de.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adrevolver[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adserver.easyad[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@wissende.122.2o7[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@nextag[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@server.cpmstar[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@revsci[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adbrite[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@xiti[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@bs.serving-sys[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@at.atwola[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adserver.complexx[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@parship.122.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@adsrv.admediate[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.moviemaze[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tradedoubler[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@advertising[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@banner.dhl-systems[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@paypal.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.active-tracking[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@sevenoneintermedia.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@ads.heias[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@webmasterplan[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@apmebf[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@posex[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@zanox[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tracking.3gnet[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@traffictrack[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@shop.zanox[2].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@www.ddl-warez[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@spamfighter.112.2o7[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@atwola[1].txt
C:\Users\Kev-O\AppData\Roaming\Microsoft\Windows\Cookies\Low\kev-o@tto2.traffictrack[2].txt

Adware.MyWebSearch/FunWebProducts
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs
Seitenanfang Seitenende
05.02.2009, 10:00
Ehrenmitglied
Avatar Argus

Beiträge: 6028
#4 Welche Marke von Virenscanner wird eigentlich benutzt
__________
MfG Argus
Seitenanfang Seitenende
05.02.2009, 10:12
...neu hier

Themenstarter

Beiträge: 4
#5 Hab bisher Sophos AntiVirus benutzt, aber werd mir wohl nen anderen holen.


/Edit: Problem gelöst: Hab ein Router Firmware-Update gemacht und jetzt ist die Geschwindigkeit wieder normal.

Bleibt noch das Problem mit dem lang andauernden Herunterfahren.
Kann mir da noch jemand helfen?
Dieser Beitrag wurde am 05.02.2009 um 11:54 Uhr von ToOomoOolt editiert.
Seitenanfang Seitenende
05.02.2009, 13:23
Ehrenmitglied
Avatar Argus

Beiträge: 6028
#6 Unter Sofware steht bei dir kein Sophos nur hier c:\programdata\Sophos

Scanne doch mal dein Rechner mit Kaspersky Online http://virus-protect.org/onlinescan.html

AntiVirenscanner (kostenlos)
Antivir
AVG8
Bitdefender 10
Avast
Comodo
__________
MfG Argus
Seitenanfang Seitenende
05.02.2009, 15:15
...neu hier

Themenstarter

Beiträge: 4
#7 Sophos hatte ich da schon deinstalliert, deswegen ist es nicht mit aufgeführt.
Seitenanfang Seitenende
05.02.2009, 18:32
Ehrenmitglied
Avatar Argus

Beiträge: 6028
#8 Man soll nicht ohne ein Realtime Virenscanner ins Netz gehen !
__________
MfG Argus
Seitenanfang Seitenende