Werbeseiten in Firefox

Hallo,

seit einiger Zeit habe ich das Problem, dass sich Werbeseiten während dem surfen im Internet öffnen.

Beispiel:

Ich gehe auf amazon.de und schaue mir einen Buch an, nebenbei öffnet sich im Hintergrund “Conrad Electronics…”

[IMG]http://s2.imgimg.de/uploads/computerforum10f09bc7ajpg.jpg[/IMG]

[IMG]http://s2.imgimg.de/uploads/computerforum26719e033jpg.jpg[/IMG]

man achte z.B. auf das Symbol links oben im zweiten Bild.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:21, on 18.09.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\dokumente und einstellungen\marius\lokale einstellungen\anwendungsdaten\pikdfea.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=6061228[/URL]
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://www.n24.de/[/URL]
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL]http://go.microsoft.com/fwlink/?LinkId=54896[/URL]
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://go.microsoft.com/fwlink/?LinkId=69157[/URL]
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 – HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [URL]www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=6061228[/URL]
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 – URLSearchHook: SearchSettings Class – {E312764E-7706-43F1-8DAB-FCDD2B1E416D} – C:\Programme\Search Settings\kb128\SearchSettings.dll
O2 – BHO: Adobe PDF Reader – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 – BHO: IEVkbdBHO – {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} – C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 – BHO: DriveLetterAccess – {5CA3D70E-1895-11CF-8E15-001234567890} – C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 – BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 – BHO: Windows Live Anmelde-Hilfsprogramm – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 – BHO: Google Dictionary Compression sdch – {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} – C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 – BHO: CBrowserHelperObject Object – {CA6319C0-31B7-401E-A518-A07C3DB8F777} – C:\Programme\BAE\BAE.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 – BHO: SearchSettings Class – {E312764E-7706-43F1-8DAB-FCDD2B1E416D} – C:\Programme\Search Settings\kb128\SearchSettings.dll
O2 – BHO: kikin Plugin – {E601996F-E400-41CA-804B-CD6373A7EEE2} – C:\Programme\kikin\ie_kikin.dll (file missing)
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 – Toolbar: Zonelink iClip Recorder – {6D685611-B7A8-4B4C-A161-346390B5189C} – C:\PROGRA~1\CLIPVI~1\ICLIPV~1\ICLIPI~1.DLL
O3 – Toolbar: Google Toolbar – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 – HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 – HKLM\..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 – HKLM\..\Run: [ISUSScheduler] “C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe” -start
O4 – HKLM\..\Run: [AVP] “C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe”
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Programme\Java\jre6\bin\jusched.exe”
O4 – HKLM\..\Run: [QuickTime Task] “C:\Programme\QuickTime\QTTask.exe” -atboottime
O4 – HKLM\..\Run: [iTunesHelper] “C:\Programme\iTunes\iTunesHelper.exe”
O4 – HKCU\..\Run: [RocketDock] “C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe”
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [pikdfea] “c:\dokumente und einstellungen\marius\lokale einstellungen\anwendungsdaten\pikdfea.exe” pikdfea
O4 – HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 – HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOKALER DIENST’)
O4 – HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETZWERKDIENST’)
O4 – HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 – Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 – Extra context menu item: Hinzufügen zu Anti-Banner – C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 – Extra context menu item: Nach Microsoft E&xel exportieren – res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 – Extra button: (no name) – {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} – C:\Programme\kikin\ie_kikin.dll (file missing)
O9 – Extra ‘Tools’ menuitem: My kikin – {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} – C:\Programme\kikin\ie_kikin.dll (file missing)
O9 – Extra button: Statistik für den Schutz des Web-Datenverkehrs – {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} – C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 – Extra button: An OneNote senden – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 – Extra ‘Tools’ menuitem: An OneNote s&enden – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 – Extra button: Real.com – {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} – C:\WINDOWS\system32\Shdocvw.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: ICQ6 – {E59EB121-F339-4851-A3BA-FE49C35617C2} – C:\Programme\ICQ6.5\ICQ.exe
O9 – Extra ‘Tools’ menuitem: ICQ6 – {E59EB121-F339-4851-A3BA-FE49C35617C2} – C:\Programme\ICQ6.5\ICQ.exe
O9 – Extra button: PartyPoker.net – {F4430FE8-2638-42e5-B849-800749B94EED} – C:\Programme\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 – Extra ‘Tools’ menuitem: PartyPoker.net – {F4430FE8-2638-42e5-B849-800749B94EED} – C:\Programme\Spiele\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Programme\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Programme\Messenger\msmsgs.exe
O16 – DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) – [URL]http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab[/URL]
O16 – DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) – [URL]http://www.creative.com/su/ocx/15031/CTSUEng.cab[/URL]
O16 – DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) – [URL]http://gamingzone.ubisoft.com/dev/packages/GSManager.cab[/URL]
O16 – DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) – [URL]http://launch.gamespyarcade.com/software/launch/alaunch.cab[/URL]
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – [URL]http://acs.pandasoftware.com/activescan/as5free/asinst.cab[/URL]
O16 – DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) – [URL]http://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1205774265[/URL]
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) – [URL]http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab[/URL]
O16 – DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) – [URL]http://www.creative.com/su/ocx/15034/CTPID.cab[/URL]
O18 – Protocol: grooveLocalGWS – {88FED34C-F0CA-4636-A375-3CB6248B04CD} – C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 – Protocol: skype4com – {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 – Filter: x-sdch – {B1759355-3EEC-4C1E-B0F1-B719FE26E377} – C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 – AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O21 – SSODL: wmphost – {B9B36DD7-4AE8-44DF-ACED-7141F61039D1} – (no file)
O23 – Service: Apple Mobile Device – Apple Inc. – C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: Kaspersky Internet Security (avp) – Kaspersky Lab – C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: iPod-Dienst (iPod Service) – Apple Inc. – C:\Programme\iPod\bin\iPodService.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Programme\Java\jre6\bin\jqs.exe
O23 – Service: PnkBstrA – Unknown owner – C:\WINDOWS\system32\PnkBstrA.exe
O23 – Service: StarWind AE Service (StarWindServiceAE) – Rocket Division Software – C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


End of file – 11296 bytes

Vielen Dank für eure Antworten.

Leave a Reply

Your email address will not be published. Required fields are marked *