weiterleitung zu anderen webseiten

Rebirth12

hallo

ich hab ein problem wie schon mehrmals beschrieben auf dem board.
wenn ich einen suchbegriff eingebe bei google habe ich das problem das ich auf andere seiten weitergeleitet werde. meistens otto, neckerman, pornoseiten, e-bay, oder seiten wo mein virusprogramm sofort alarm schlägt.
ich hab leider keine ahnung wie ich das wieder weg bekomme
würde mich freuen wenn mir jemand helfen könnte.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:14, on 21.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\ZoneLabs\vsmon.exe
E:\Programme\Alwil Software\Avast4\aswUpdSv.exe
E:\Programme\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\brsvc01a.exe
E:\WINDOWS\system32\brss01a.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Programme\Creative\Shared Files\CTAudSvc.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\CTsvcCDA.exe
E:\Programme\Google\Update\GoogleUpdate.exe
E:\WINDOWS\system32\LckFldService.exe
E:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Programme\CyberLink\Shared files\RichVideo.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
E:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\WINDOWS\system32\CTHELPER.EXE
E:\WINDOWS\system32\CTXFIHLP.EXE
E:\Programme\ROCCAT\Kone Mouse\KoneHID.EXE
E:\Programme\Microsoft IntelliType Pro\itype.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Programme\Alwil Software\Avast4\ashMaiSv.exe
E:\Programme\Alwil Software\Avast4\ashDisp.exe
E:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
E:\Programme\Alwil Software\Avast4\ashWebSv.exe
E:\Programme\ROCCAT\Kone Mouse\osd.exe
E:\WINDOWS\system32\svchost.exe
E:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
E:\Programme\Winamp\winamp.exe
E:\Programme\Mozilla Firefox\firefox.exe
E:\Programme\VideoLAN\VLC\vlc.exe
E:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yodl.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Programme\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [AsusStartupHelp] E:\Programme\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [VolPanel] "E:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SSBkgdUpdate] "E:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Kone] "E:\Programme\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [itype] "E:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrojanScanner] E:\Programme\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [avast!] "E:\Programme\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "E:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - E:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - E:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - E:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (file missing)
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - E:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - E:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - E:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - E:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - E:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Programme\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate1c9884ccd7293a0) (gupdate1c9884ccd7293a0) - Google Inc. - E:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LckFldService - Unknown owner - E:\WINDOWS\system32\LckFldService.exe
O23 - Service: LiveUpdate Notice Service - Unknown owner - E:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - E:\Programme\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - E:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Programme\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - E:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - E:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - E:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8961 bytes