Probier mal folgendes.. (mit google gefunden...)
Trifft wahrscheinlich nicht alles zu (weil anderes hijackthis log) aber ich denke du wirst einiges davon auf dem system finden.
--------------------
Now, boot your computer into Safe Mode.
Enter the control panel by clicking on the Start menu, then clicking on Run.
Now type control in the Open field and press the OK button.
Double-click on the Add/Remove Programs icon.
Look for and uninstall the following entries if found in the Add/Remove Programs window. Do not reboot if prompted untill all of the below programs are uninstalled.
Active alert
ISTsvc
Internet Optimizer
Search Extender
Shopping Wizard
Sidefind
Slotchbar
The Bullseye Network
Uninstall 180searchassistant
Webrebates
Win AdTools
It may prompt about whether or not you are sure you want to remove this program. Always read it carefully and choose the option that states you want to remove all components of this program.
Navigate to the c:\hijackthis directory and double-click on HijackThis
When the program starts, double-click on the HijackThis icon and then click on the Scan button.
Put a checkmark next to the following entries if they exist:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.buldog-search.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gigasearch.biz/?209
R3 - URLSearchHook: GStartBHO Class - {EADD3112-0CF8-444b-AC0F-EBA38E004554} - C:\WINDOWS\Downloaded Program Files\giga32.dll
O1 - Hosts: 69.50.188.82 askjeeves.com
O1 - Hosts: 69.50.188.82
www.askjeeves.com
O1 - Hosts: 69.50.188.82
www.directhit.com
O1 - Hosts: 69.50.188.82 directhit.com
O1 - Hosts: 69.50.188.82
www.excite.com
O1 - Hosts: 69.50.188.82 excite.com
O1 - Hosts: 69.50.188.82
www.alltheweb.com
O1 - Hosts: 69.50.188.82 go.com
O1 - Hosts: 69.50.188.82
www.go.com
O1 - Hosts: 69.50.188.82 goto.com
O1 - Hosts: 69.50.188.82
www.goto.com
O1 - Hosts: 69.50.188.82 lycos.com
O1 - Hosts: 69.50.188.82 dmoz.org
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: GStartBHO Class - {EADD3112-0CF8-444b-AC0F-EBA38E004554} - C:\WINDOWS\Downloaded Program Files\giga32.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [tgf] C:\WINDOWS\tgf.exe
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) -
http://download.35mb.com/images/dlapplet.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} -
http://www.cjb.net/search.cab
Because XP will not always show you hidden files and folders by default.
Reset your search settings first.
Go to Start>Search and at the top select Tools>Folder Options
Select the View tab
Display the contents of system folders
Show hidden files and folders
Uncheck: Hide protected operating system files
Click on Apply.
Next go to the side of the Search box and select All files and folders. Go down to More advanced options.
Be sure the first three boxes are selected:
Search System folders
Search Hidden Files and folders
Search SubFolders
Find and delete these files/folders:
C:\WINDOWS\system32\mshtm.exe
C:\Program Files\Windows AdTools.......................folder
C:\Program Files\BullsEye Network ........................folder
C:\Program Files\Web_Rebates .....................folder
C:\WINDOWS\tgf.exe
Now, before you reboot normally:
Open Window Explorer.
Browse to the C:\documents and settings\\User Name (repeat for all users)\local settings\temp folder and delete all files and folders in it.
Then browse to the C:\Windows\Temp folder and delete all files in it.
Then in internet explorer click tools>internet Options>General. Click on Delete Files make sure you get all offline content as well.
Empty Recycle Bin and reboot your computer normally.
Run both of these online virus scans:
http://housecall.antivirus.com/
http://www.pandasoftware.com/activescan/
Reboot.