Hallo!!

Seit ein paar Tagen habe ich als Startseite das Quick Web Search!!

Ich habe schon alles versucht um dies zu ändern, jedoch ohne Erfolg!!

In der Systemsteuerung/Software habe ich seit neuem auch 2 Programme, die ich nicht installiert habe --> Search Extender, Shopping Wizard!!

Logfile of HijackThis v1.99.1
Scan saved at 21:00:07, on 14.05.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\F-Secure\Common\FSAA.EXE
C:\Programme\F-Secure\Common\FSMA32.EXE
C:\Programme\F-Secure\Common\FSMB32.EXE
C:\Programme\F-Secure\Common\FCH32.EXE
C:\Programme\F-Secure\Common\FAMEH32.EXE
C:\Programme\F-Secure\Common\FSGK32.EXE
C:\Programme\F-Secure\Common\FNRB32.EXE
C:\Programme\F-Secure\Common\FIH32.EXE
C:\Programme\F-Secure\Anti-Virus\fsav32.exe
C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\da_maxl\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis_199.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\oqpam.dll/sp.html#12047
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {B26F49F1-4D20-81BE-1DE2-CF4D74E0AC6B} - C:\WINDOWS\system32\javaio32.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Programme\Internet Explorer\IEXPLORE.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1114536478717
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\d3qv.exe (file missing)
O23 - Service: BackWeb Client - Unknown owner - C:\Programme\F-Secure\BackWeb\BackWeb\Program\ServiceWrapper.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programme\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation - C:\Programme\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure\Common\FSMA32.EXE

Bitte um Hilfe!!!!

Hallo da_maxl,

dein System ist nicht up to date! Warum?

Deinstalliere Search Extender und Shopping Wizard. Wende anschließend den Cleaner an.

Lade und scanne mit eScan AntiVirus im abgesicherten Modus und poste uns die Virus Log Information, ebenso ein aktuelles HJT Log-File.

Hier die Sachen,die escan bei mir gefunden hat:

File System Found infected by "sw Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "CoolWebSearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "hsa Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\appkg.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\atlem32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\crdh.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\crsq32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ipcj.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javaaa32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javamx.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javath32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\mfcky.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\mfcmz.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msnn32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msoo32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ntyd32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ntye32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sdkzo.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\winqc32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\apikg.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\apizb.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\atlpc.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\cron32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\crrv32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\d3fs32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\iept32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\ipla.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mfchp.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mfcom.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\oqpam.dll infected by "not-a-virus:AdWare.SearchPage" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\winbr32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\winii.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\winou32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\da_maxl\LOKALE~1\Temp\1.tmp infected by "Trojan-Downloader.Win32.WinShow.ay" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\da_maxl\LOKALE~1\TEMPOR~1\Content.IE5\05RT1UQ4\ysb_prompt[2].php infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\da_maxl\LOKALE~1\TEMPOR~1\Content.IE5\EZ8XB1YK\xxx[1].jpg infected by "Trojan-Downloader.Win32.Small.ats" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\da_maxl\LOKALE~1\TEMPOR~1\Content.IE5\XRNVHL4E\get[1].gif infected by "Trojan-Downloader.Win32.WinShow.ay" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\da_maxl\Lokale Einstellungen\Temp\1.tmp infected by "Trojan-Downloader.Win32.WinShow.ay" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\da_maxl\Lokale Einstellungen\Temporary Internet Files\Content.IE5\05RT1UQ4\ysb_prompt[2].php infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\da_maxl\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EZ8XB1YK\xxx[1].jpg infected by "Trojan-Downloader.Win32.Small.ats" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\da_maxl\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XRNVHL4E\get[1].gif infected by "Trojan-Downloader.Win32.WinShow.ay" Virus. Action Taken: No Action Taken.
File C:\ms32.tmp infected by "Trojan-Downloader.Win32.Small.ats" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{36A89F5F-465E-4A2D-A63F-C03154F504C2}\RP31\A0001190.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{36A89F5F-465E-4A2D-A63F-C03154F504C2}\RP31\A0001203.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\appkg.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\atlem32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\crdh.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\crsq32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ipcj.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javaaa32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javamx.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\javath32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\mfcky.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\mfcmz.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msnn32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msoo32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ntyd32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ntye32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sdkzo.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\apikg.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\apizb.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\atlpc.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\cron32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\crrv32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\d3fs32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\iept32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\ipla.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\mfchp.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\mfcom.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\oqpam.dll infected by "not-a-virus:AdWare.SearchPage" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\winbr32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\winii.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\winou32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\winqc32.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: No Action Taken.

Aja und Search Extender und Shopping Wizard kann ich nicht deinstallieren!!