Trojaner-Board - Windows XP: Websiten werden auf QVO6 umgeleitet

Hallo,
anbei das Lgfile von FSS:

Der Rechner hat heute vom drücken des Startknopfes bis zum erscheinen der Startseite ganze 14 Minuten benötigt. Die Programme (Microsoft Outlook, Internet Explorer usw...) benötigen jeweils min. 2-4 Minuten zum öffnen - echt übel.
Irgendwas ist seit dem Trojaner beschädigt.....
Code:
Farbar Service Scanner Version: 04-08-2013

Ran by Meiner (administrator) on 08-08-2013 at 10:26:11

Running from "D:\Downloads"

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

****************************************************************
 

Internet Services:

============
 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.
 
 

Windows Firewall:

=============
 

Firewall Disabled Policy: 

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0
 
 

System Restore:

============
 

System Restore Disabled Policy: 

========================
 
 

Security Center:

============
 
 

Windows Update:

============
 

Windows Autoupdate Disabled Policy: 

============================
 
 

File Check:

========

C:\WINDOWS\system32\dhcpcsvc.dll

[2004-08-04 14:00] - [2008-04-14 07:52] - 0127488 ____A (Microsoft Corporation) C29A1C9B75BA38FA37F8C44405DEC360
 

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll

[2004-08-04 14:00] - [2009-04-20 19:17] - 0045568 ____A (Microsoft Corporation) 407F3227AC618FD1CA54B335B083DE07
 

C:\WINDOWS\system32\ipnathlp.dll

[2004-08-04 14:00] - [2008-04-14 07:52] - 0334336 ____A (Microsoft Corporation) CAD058D5F8B889A87CA3EB3CF624DCEF
 

C:\WINDOWS\system32\netman.dll

[2004-08-04 14:00] - [2008-04-14 07:52] - 0198144 ____A (Microsoft Corporation) E6D88F1F6745BF00B57E7855A2AB696C
 

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2010-10-23 15:01] - [2008-04-14 07:52] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729
 

C:\WINDOWS\system32\srsvc.dll

[2010-10-23 15:02] - [2008-04-14 07:52] - 0171520 ____A (Microsoft Corporation) FE77A85495065F3AD59C5C65B6C54182
 

C:\WINDOWS\system32\Drivers\sr.sys

[2010-10-23 15:02] - [2008-04-14 07:32] - 0073472 ____A (Microsoft Corporation) 50FA898F8C032796D3B1B9951BB5A90F
 

C:\WINDOWS\system32\wscsvc.dll

[2004-08-04 14:00] - [2008-04-14 07:52] - 0080896 ____A (Microsoft Corporation) 300B3E84FAF1A5C1F791C159BA28035D
 

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2010-10-23 15:01] - [2008-04-14 07:52] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729
 

C:\WINDOWS\system32\wuauserv.dll

[2010-10-23 15:03] - [2008-04-14 07:52] - 0006656 ____A (Microsoft Corporation) 7B4FE05202AA6BF9F4DFD0E6A0D8A085
 

C:\WINDOWS\system32\qmgr.dll

[2010-10-23 15:03] - [2008-04-14 07:52] - 0409088 ____A (Microsoft Corporation) D6F603772A789BB3228F310D650B8BD1
 

C:\WINDOWS\system32\es.dll

[2004-08-04 14:00] - [2008-07-07 22:26] - 0253952 ____A (Microsoft Corporation) AF4F6B5739D18CA7972AB53E091CBC74
 

C:\WINDOWS\system32\cryptsvc.dll

[2004-08-04 14:00] - [2008-04-14 07:52] - 0062464 ____A (Microsoft Corporation) 611F824E5C703A5A899F84C5F1699E4D
 

C:\WINDOWS\system32\svchost.exe

[2004-08-04 14:00] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4FBC75B74479C7A6F829E0CA19DF3366
 

C:\WINDOWS\system32\rpcss.dll

[2004-08-04 14:00] - [2009-02-09 12:51] - 0401408 ____A (Microsoft Corporation) 3127AFBF2C1ED0AB14A1BBB7AAECB85B
 

C:\WINDOWS\system32\services.exe

[2004-08-04 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) A3EDBE9053889FB24AB22492472B39DC
 
 

Extra List:

=======

Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 

0x0900000005000000010000000200000003000000040000005A000000080000000600000007000000

IpSec Tag value is correct.
 

**** End of log ****