Brauche Hilfe Zu enjoysearch.info/

#1 Erstmal will ich sagen das ich unter der suchfunktion nichts gefunden habe, der auch diesen Fehler hat!!!!
ich habe wirklich schon viel versucht...mit fast jeden prog.
aber es funktioniert net!!!

ich brauch dringend hilfe und das sofort!

und hier meine log file....


Logfile of HijackThis v1.97.7
Scan saved at 22:42:36, on 04.06.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
G:\Norten internet security\NISUM.EXE
E:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
G:\antivir\AVGNT.EXE
E:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
G:\icq\ICQLite\ICQLite.exe
E:\WINDOWS\jushed32.exe
E:\dokume~1\soldberg\anwend~1\services.exe
E:\Programme\MSN Messenger\MsnMsgr.Exe
G:\tuneup\MemOptimizer.exe
J:\POPUPS~1\POPUPS~1\POP-UP~1\POPUPS~1.EXE
G:\antivir\AVGUARD.EXE
G:\antivir\AVWUPSRV.EXE
G:\Norten internet security\ccPxySvc.exe
F:\maps patches\team speak\teamspeak2_RC2\teamspeak2_RC2\TeamSpeak.exe
G:\leech ftp\Leechftp.exe
E:\WINDOWS\System32\svchost.exe
E:\Dokumente und Einstellungen\Soldberg\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmyrequest.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enjoysearch.info/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enjoysearch.info
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.enjoysearch.info
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enjoysearch.info/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\adobe\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {424E25FE-79C0-45B9-ABEF-DEC83E223C20} - (no file)
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] E:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVGCtrl] G:\antivir\AVGNT.EXE /min
O4 - HKLM\..\Run: [ccApp] "E:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ICQ Lite] G:\icq\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "G:\clonecd\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [System Update2] e:\dokume~1\soldberg\anwend~1\services.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "G:\tuneup\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [PopUpStopperProfessional] "J:\POPUPS~1\POPUPS~1\POP-UP~1\POPUPS~1.EXE"
O4 - HKCU\..\RunOnce: [ICQ Lite] G:\icq\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = E:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/download/cabs/LOT64106/thin.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38110.5238657407
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

#2 Hallo,

O4 - HKCU\..\Run: [System Update2] e:\dokume~1\soldberg\anwend~1\services.exe
Diese services.exe(Wurm oder Trojaner) und E:\WINDOWS\jushed32.exe bei www.kaspersky.com/remoteviruschk.html checken

diese Einträge fixen:

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = h**p://searchmyrequest.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = h**p://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.enjoysearch.info/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.enjoysearch.info
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = h**p://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = h**p://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = h**p://www.enjoysearch.info
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.enjoysearch.info/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {424E25FE-79C0-45B9-ABEF-DEC83E223C20} - (no file)
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - h**p://download.abetterinternet.com/download/cabs/LOT64106/thin.cab
__________
Das Wertvollste im Leben ist die Zeit. Leben heißt, mit der Zeit richtig umzugehen.
Neuaufsetzen des Systems/Absicherung! HJT Anleitung

#3 @Soldberg

NAch dem FIxen dies durchführen
http://board.protecus.de/t9373.htm

Dann neustart machen und nochmal Logfile posten

Das hier muß man nicht fixen
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Gruß paff
__________
http://www.downclockers.com/ourforum/index.php?board=71.0 Reverse Engineering Malware

#4 îch danke euch beiden.....hat alles super funktioniert....

habe meine alte startseite wieder.

bis denne