Pests of all kinds and how to fight them: Poor internet connection, slow computer and PC freezing

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#8
Poor internet connection, slow computer and PC freezing

What is IE9 and ServicePack1? And yes, the computer is already working noticeably better.

Fixlog.txt

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Botan at 2014-04-15 22:23:29 Run:1
Running from C:\Users\Botan\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Online Weather] => C:\Users\Schule\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Windows Defender] => C:\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe [313344 2013-07-01] (Windows Defender)
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Browser Infrastructure Helper] => C:\Users\Bekir&Botan\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Bekir&Botan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir=
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-14]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Botan\AppData\Local\speedial.crx [2014-04-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-15] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-15] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-30] (StdLib)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B1809AF3-F82A-4DB0-9E89-832BB19903CF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Bekir&Botan\AppData\Roaming\newnext.me
C:\Users\Schule\AppData\Local\WebPlayer
C:\Users\Bekir&Botan\AppData\Local\Smartbar
C:\ProgramData\Windows\
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\PlurPush
C:\Windows\system32\TesSafe.sys
C:\Windows\System32\drivers\wStLibG64.sys
C:\Users\Botan\AppData\Local\speedial.crx
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe
2014-04-03 22:06 - 2014-04-03 22:06 - 00000920 _____ () C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm
2014-04-03 21:59 - 2014-04-03 21:59 - 00000196 _____ () C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm
2014-04-03 21:54 - 2014-04-03 21:55 - 07083256 _____ (Welcome to YourFile Downloader!) C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe
C:\Users\Botan\AppData\Local\Temp\*.dll
C:\Users\Botan\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.exe
C:\Users\Xebat\AppData\Local\Temp\*.exe
C:\Users\Schule\AppData\Local\Temp\*.dll
C:\Users\Xebat\AppData\Local\Temp\*.exe
*****************
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Online Weather => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => Value not found.
HKU\S-1-5-21-1789832465-2975819574-3199883490-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Key deleted successfully.
C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/TXSSO => Key deleted successfully.
C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.89\Bin\npSSOAxCtrlForPTLogin.dll not found.
CHR DefaultSearchKeyword: mysearchdial.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Mysearchdial ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzy0DyD0FyDzztC0E0CtBtBtN0D0Tzu0SzztAyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0C0B0Bzz0CtG0AyB0BzztGyB0ByCtBtG0B0DtD0DtGyB0ByBtAzy0Fzz0A0ByB0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtCtAzz0EzyyDtGyD0FtB0DtG0A0C0CyEtGzz0EtDyBtGyCzytC0DtBzzzztA0FyDtB0A2Q&cr=2124572885&ir= ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
C:\Users\Botan\AppData\Local\speedial.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa => Key deleted successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
Update PlurPush => Unable to stop service
Update PlurPush => Service deleted successfully.
Util PlurPush => Unable to stop service
Util PlurPush => Service deleted successfully.
wStLibG64 => Unable to stop service
wStLibG64 => Service deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{248BFF8D-5ABB-40A3-B31F-8F84CE73A98F} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{743AC67F-4CB9-4F96-A4FF-24064BC6E0A3} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1809AF3-F82A-4DB0-9E89-832BB19903CF} => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => Key deleted successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
"C:\Program Files (x86)\AnyProtectEx" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Roaming\newnext.me" => File/Directory not found.
"C:\Users\Schule\AppData\Local\WebPlayer" => File/Directory not found.
"C:\Users\Bekir&Botan\AppData\Local\Smartbar" => File/Directory not found.
C:\ProgramData\Windows => Moved successfully.
C:\Program Files\McAfee Security Scan => Moved successfully.
"C:\Program Files (x86)\PlurPush" directory move:
C:\Program Files (x86)\PlurPush\0 => Moved successfully.
C:\Program Files (x86)\PlurPush\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPush.ico => Moved successfully.
C:\Program Files (x86)\PlurPush\PlurPushUninstall.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\updatePlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\7za.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\BrowserAdapterS.7z => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\FilterApp_C64.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPush.BrowserAdapter.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBA.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\PlurPushBAApp.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\sqlite3.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\utilPlurPush.InstallState => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs560E.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfs565D.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCA4.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsCCD3.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE519.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\TEMP\mfsE5A6.tmp => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.Bromon.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.BrowserAdapterS.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.CompatibilityChecker.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.FFUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.IEUpdate.dll => Moved successfully.
C:\Program Files (x86)\PlurPush\bin\plugins\PlurPush.PurBrowseG.dll => Moved successfully.
Could not move "C:\Program Files (x86)\PlurPush" directory. => Scheduled to move on reboot.
C:\Windows\system32\TesSafe.sys => Moved successfully.
C:\Windows\System32\drivers\wStLibG64.sys => Moved successfully.
"C:\Users\Botan\AppData\Local\speedial.crx" => File/Directory not found.
C:\Users\Botan\AppData\Local\AnyProtectScannerSetup.exe => Moved successfully.
C:\Users\Botan\Downloads\SadiQ_-_TrafiQ_2014_.dlc => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e.htm => Moved successfully.
C:\Users\Botan\Downloads\3996ceaf-51bc-43fa-b0fb-7a1459f3413e (1).htm => Moved successfully.
C:\Users\Botan\Downloads\SadiQ---TrafiQ-(2014)_downloader.exe => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Bekir&Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.dll => Moved successfully.
C:\Users\Botan\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Xebat\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Schule\AppData\Local\Temp\*.dll => Moved successfully.
"C:\Users\Xebat\AppData\Local\Temp\*.exe" => File/Directory not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-15 22:26:14)<=
C:\Program Files (x86)\PlurPush => Moved successfully.
==== End of Fixlog ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=74c472855899634ead891d0739e14949
# engine=17910
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-16 05:18:01
# local_time=2014-04-16 07:18:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=774 16777213 71 76 73575 73615 0 0
# compatibility_mode=5893 16776573 100 94 28068 149298531 0 0
# scanned=366506
# found=30
# cleaned=0
# scan_time=17190
sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\MiaggnyiPPic\51c7351647449.dll.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Bekir&Botan\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=E08EF6298DB507FC55E944040ECBE7B5AA5CAA6A ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schule\AppData\Local\Google\Chrome\User Data\Default\Extensions\khialnikbocfgkohdegnebhmmaifoglp\1.111_0\contentscript.js.vir"
sh=B8A15E2B817C650BB246EE96D859D190BC1E2FF5 ft=1 fh=056d0132ff61be3e vn="MSIL/CoinMiner.CM trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\System32\Windows Defender\Definition Update\windef.exe"
sh=4FA174F176A0A3ED0C41BC6A5C54D51FACFB534F ft=1 fh=9d25dcec7d070c82 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.exe"
sh=05ED639942CC1E49D422789CE0BAAD7ADD22D1AA ft=0 fh=0000000000000000 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Windows\WindowsUpdate\rundll32.lnk"
sh=AF403E1D2C014FEB5B49354DFFE220A4741EAECA ft=1 fh=ebb6a3c55d41b422 vn="Win32/Adware.Lollipop.H application" ac=I fn="C:\FRST\Quarantine\C\Users\Schule\AppData\Local\Temp\instloffer.exe.xBAD"
sh=EA94BD6973CE722A1EBBD78554A369281FE1A2DE ft=1 fh=33e0d3904fd705f4 vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\LyricsPal.exe.xBAD"
sh=5348BD561F3AC044DBBDAA4898D6B9D31FBFF595 ft=1 fh=1b226d3a8e8a5ffc vn="multiple threats" ac=I fn="C:\FRST\Quarantine\C\Users\Xebat\AppData\Local\Temp\lyricstmp.exe.xBAD"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\ProgramData\AMD\KDB\dwm.exe"
sh=32ADBAC553741526F9F6A537E7A97308D0CD21DF ft=1 fh=08b67f1784dc0558 vn="MSIL/CoinMiner.CN trojan" ac=I fn="C:\Users\All Users\AMD\KDB\dwm.exe"
sh=3F7B7CF08A07483D45A4F5A0A8C64FEE0CFBE6D1 ft=1 fh=b91e9acba36107fd vn="a variant of Win32/AdWare.SpeedingUpMyPC.G application" ac=I fn="C:\Users\Botan\AppData\Local\Temp\is45637729\1974874_stp.EXE"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN1OLNNN\viewtopic[1].php"
sh=49462750C925D892DAB3D690C55CACFBA3ED1894 ft=0 fh=0000000000000000 vn="JS/Kryptik.APU trojan" ac=I fn="C:\Users\Schule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YGXC6DSW\technical[1].htm"
sh=9D1519C1A54ECB8A55339A5DB040C9CE9C869032 ft=1 fh=21c482d32e956120 vn="a variant of Win32/Injector.AWKK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\Low\bvtray.exe"
sh=E847ABD49144BD4608A580B8D74BA9C7AE0F55BC ft=1 fh=172864099d2e4610 vn="Win32/Agent.UJJ trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp306f3a4c\23.exe"
sh=BE00A8B0019A19D3B640ABBE3AE9718BB0A9AA45 ft=1 fh=dae9711f88cacd10 vn="a variant of Win32/Kryptik.BAXK trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp466a6cbe\33.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7922a78e\ut.exe"
sh=840FF4A02F82179E23CB1F6DE757CFCE47630003 ft=1 fh=bae0c0a9721e5188 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmp7f8588c3\ut.exe"
sh=7630F581221888E622E479C3C4BD446ECAF5A186 ft=1 fh=c101aa4c58d2b03c vn="a variant of Win32/Kryptik.BAOX trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpb7fbfa3c\13.exe"
sh=AB289788E1B0BB9BB2D60DA086D61B4F631CAA02 ft=1 fh=41148c1388e53a23 vn="a variant of Win32/Kryptik.BAQL trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpc30cfb44\89.exe"
sh=82BEEA0B3EAF75F1BBF65FBBABF399A97EEE6D55 ft=1 fh=c3a5cb272dbdf656 vn="a variant of Win32/Kryptik.BBAM trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpd1a23059\34.exe"
sh=0ED353B6D858579DA60611D8B9033230282619E8 ft=1 fh=0e94236bc9e531e0 vn="a variant of Win32/Kryptik.BGBE trojan" ac=I fn="C:\Users\Schule\AppData\Local\Temp\tmpeb897682\14.exe"
sh=445A281D8236F06974CA5455B98A5FDD392A270E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-2423.O trojan" ac=I fn="C:\Users\Schule\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7f5abc86-7bae5ff1"
sh=436A37E289E55E56F61485E5E248D6F7246221A1 ft=1 fh=f9136369f620230b vn="a variant of Generik.MVICHXB trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (Vista & 7).dll"
sh=8E95552B10748C10CEB5EB9C79AA07B05F5852BC ft=1 fh=f91363691ff201c1 vn="a variant of Generik.EUNPGRH trojan" ac=I fn="C:\Users\Schule\Desktop\Botan\Spam-Bot (XP).dll"
sh=E508ACD8F97A24F734F8CE8BA685BCBA296E5C7D ft=1 fh=858fb24a9fdda1dc vn="multiple threats" ac=I fn="C:\Users\Schule\Desktop\Botan\Tools by Unpublished.exe"
sh=23B4190248082916EB94D0304A9231BAB4498BE8 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che2FC9.tmp"
sh=8781D2528360A4FD04D256B9B752F64BB6B31358 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Xebat\AppData\Local\Temp\che596B.tmp"