Hallo,
kann mir jemand bitte helfen. Bei meinem Internet Explorer erscheint als Startseite http://www.web--search.com/ und läßt sich nicht ändern. Außerdem erscheint sowohl im Explorer als auch beim Arbeitsplatz eine "Search Bar" mit Links zu "Dating", "Pharmacy", ua.

Logfile of HijackThis v1.99.0
Scan saved at 20:38:51, on 24.01.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\P2P Networking\P2P Networking.exe
D:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programme\Gemeinsame Dateien\GMT\GMT.exe
D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINDOWS\system32\ZONELABS\vsmon.exe
D:\Dokumente und Einstellungen\jork\Eigene Dateien\Torsten\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web--search.com
R3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - D:\WINDOWS\webdlg32.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - D:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - D:\WINDOWS\webdlg32.dll
O2 - BHO: Explorer Class - {962F12AE-2773-4BEB-99EA-B5C3AB9A6606} - D:\WINDOWS\System32\DSMANA~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - D:\WINDOWS\webdlg32.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - D:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [P2P Networking] D:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [CMESys] "D:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - D:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - D:\WINDOWS\system32\ZONELABS\vsmon.exe

Einige Malware auf dem System: eScan durchführen.

Zitat:

Neuen Ordner "bases" auf "c:\" erstellen. eScan downloaden. Mit Zip-Programm in neuen Ordner entpacken. Anleitung beachten. eScan online updaten, offline im abgesicherten Modus ausführen. Dauer des Scans ca 1 Stunde. Scan dient dem Aufspüren von Malware, wird bei kostenloser Version nicht entfernt. Kann manuell erledigt werden. Aus der mwav.log (oder die mwXface.log) [im Ordner c:\bases] angeben:

=>Total Number of Files Scanned:
=>Total Number of Virus(es) Found:

zuzüglich die Namen der Viren: -> bearbeiten -> suchen -> infected eingeben -> weitersuchen -> Treffer markieren/kopieren -> ins Forum übertragen.

Ich habe EScan AntiVirus bei mir laufen lassen und es wurden 57 Viren gefunden!

Hier die Log Informationen:
File D:\WINDOWS\System32\DSMANA~1.DLL infected by "not-a-virus:AdWare.BHO.SearchAssistant.b" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\webdlg32.dll infected by "not-a-virus:AdWare.ToolBar.SBSoft.g" Virus. Action Taken: No Action Taken.
File D:\Programme\MyWay\myBar\1.bin\MYBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\CMEII\CMESys.exe infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\CMEII\GIOCLC~1.DLL infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
File d:\PROGRA~1\GEMEIN~1\cmeii\gdwldeng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken.
File d:\PROGRA~1\GEMEIN~1\cmeii\gmtproxy.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\GMT\GMT.exe infected by "not-a-virus:AdWare.Gator.4203" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\GMT\EGNSEN~1.DLL infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\GMT\EGGCEN~1.DLL infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
File D:\Programme\MyWay\myBar\1.bin\MYBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\webdlg32.dll infected by "not-a-virus:AdWare.ToolBar.SBSoft.g" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\System32\DSMANA~1.DLL infected by "not-a-virus:AdWare.BHO.SearchAssistant.b" Virus. Action Taken: No Action Taken.
File D:\PROGRA~1\GEMEIN~1\CMEII\CMESys.exe infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\System32\dsmanager.dll infected by "not-a-virus:AdWare.BHO.SearchAssistant.b" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\System32\cd_clint.dll infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\System32\KILLAPPS.EXE tagged as not-a-virus:RiskWare.Tool.KillApp.b. No Action Taken.
File D:\DOKUME~1\jork\LOKALE~1\Temp\ADMCache\adm18.tmp infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{47D75F84-D4DD-4BA6-A110-A65093180A77}\RP2\A0001684.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\System Volume Information\_restore{47D75F84-D4DD-4BA6-A110-A65093180A77}\RP2\A0007663.EXE infected by "I-Worm.Desos.a" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\adm25.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\adm4005.exe infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\adm4.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\admprog.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Download Manager\asmps.dll infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
File C:\Program Files\Altnet\Points Manager\sysdetect.dll infected by "not-a-virus:AdWare.BrilliantDigital.1007" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\system32\dsmanager.dll infected by "not-a-virus:AdWare.BHO.SearchAssistant.b" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\system32\cd_clint.dll infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\system32\KILLAPPS.EXE tagged as not-a-virus:RiskWare.Tool.KillApp.b. No Action Taken.
File D:\WINDOWS\Temp\Altnet\Setup.exe infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\adm4.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\adm25.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\adm.exe infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\admprog.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\mysearch.cab infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.
File D:\WINDOWS\Temp\Altnet\pmfiles.cab infected by "not-a-virus:AdWare.BrilliantDigital.1007" Virus. Action Taken: No Action Taken.
File D:\Dokumente und Einstellungen\jork\Lokale Einstellungen\Temp\ADMCache\adm18.tmp infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
File D:\Dokumente und Einstellungen\jork\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SMVOVTRW\asmfiles[1].cab infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\GMT.exe infected by "not-a-virus:AdWare.Gator.4203" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\GatorStubSetup.exe infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\GUninstaller.exe infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\egIEEngine.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\GMT\EGGCEngine.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll infected by "not-a-virus:AdWare.Gator.5115" Virus. Action Taken: No Action Taken.
File D:\Programme\Gemeinsame Dateien\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6051" Virus. Action Taken: No Action Taken.
File D:\Programme\Kazaa\TopSearch.dll infected by "not-a-virus:AdWare.Altnet.d" Virus. Action Taken: No Action Taken.
File D:\Programme\MyWay\myBar\1.bin\MY2NS.EXE infected by "not-a-virus:AdWare.Toolbar.MyWay.b" Virus. Action Taken: No Action Taken.
File D:\Programme\MyWay\myBar\1.bin\NPMYWAY.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.f" Virus. Action Taken: No Action Taken.
File D:\System Volume Information\_restore{47D75F84-D4DD-4BA6-A110-A65093180A77}\RP38\A0011678.EXE infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: No Action Taken.
File D:\System Volume Information\_restore{47D75F84-D4DD-4BA6-A110-A65093180A77}\RP38\A0011871.exe infected by "Backdoor.Win32.Rbot.gen" Virus. Action Taken: No Action Taken.
File D:\Program Files\Altnet\Download Manager\asmps.dll infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.

Was soll ich mit den Dateien machen?

oh..
Backdoor.Win32.Rbot.gen und RiskWare.Tool.KillApp.b drauf.
da gibts wirklich keine andere sichere möglichkeit mehr als neuinstallation
befolge außerdem diese Anleitung

OK. Vielen Dank für die Hilfe. Dann werde ich mich wohl mal an eine Neuinstallation machen.