ciągle dostaję komunikaty o wirusie win32- coś tam - nie mogę się go pozbyć - może ktoś mi pomóc?
Log:
Logfile of HijackThis v1.99.1
Scan saved at 11:10:10, on 2006-09-05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE
C:\WINDOWS\TBPanel.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Program Files\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\TuneUp Utilities\Integrator.exe
C:\WINDOWS\MSmedia.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Olaf\Ustawienia lokalne\Temp\Katalog tymczasowy 3 dla hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://signup.t-online.de/cgi-bin/vek/ … ode=stcd01
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Lacza
F2 - REG:system.ini: Shell=explorer.exe
O1 - Hosts: 61.129.88.154 lloydstsb.co.uk
O1 - Hosts: 61.129.88.154 online.lloydstsb.co.uk
O1 - Hosts: 61.129.88.154 http://www.lloydstsb.co.uk
O1 - Hosts: 61.129.88.154 http://www.lloydstsb.com
O1 - Hosts: 61.129.88.154 http://www.lloydstsb.com
O1 - Hosts: 61.129.88.154 personal.barclays.co.uk
O1 - Hosts: 61.129.88.154 barclays.co.uk
O1 - Hosts: 61.129.88.154 ibank.barclays.co.uk
O1 - Hosts: 61.129.88.154 http://www.barclays.co.uk
O1 - Hosts: 61.129.88.154 http://www.nwolb.com
O1 - Hosts: 61.129.88.154 nwolb.com
O1 - Hosts: 61.129.88.154 hsbc.co.uk
O1 - Hosts: 61.129.88.154 http://www.hsbc.co.uk
O1 - Hosts: 61.129.88.154 abbey.com
O1 - Hosts: 61.129.88.154 http://www.abbey.com
O1 - Hosts: 61.129.88.154 http://www.abbey.co.uk
O1 - Hosts: 61.129.88.154 abbey.co.uk
O1 - Hosts: 61.129.88.154 cahoot.com
O1 - Hosts: 61.129.88.154 http://www.cahoot.com
O1 - Hosts: 61.129.88.154 http://www.cahoot.co.uk
O1 - Hosts: 61.129.88.154 cahoot.co.uk
O1 - Hosts: 61.129.88.154 http://www.co-operativebank.co.uk
O1 - Hosts: 61.129.88.154 co-operativebank.co.uk
O1 - Hosts: 61.129.88.154 http://www.co-operativebank.com
O1 - Hosts: 61.129.88.154 co-operativebank.com
O1 - Hosts: 61.129.88.154 welcome2.co-operativebankonline.co.uk
O1 - Hosts: 61.129.88.154 welcome6.co-operativebankonline.co.uk
O1 - Hosts: 61.129.88.154 welcome8.co-operativebankonline.co.uk
O1 - Hosts: 61.129.88.154 welcome10.co-operativebankonline.co.uk
O1 - Hosts: 61.129.88.154 http://www.smile.co.uk
O1 - Hosts: 61.129.88.154 smile.co.uk
O1 - Hosts: 61.129.88.154 http://www.cajamar.es
O1 - Hosts: 61.129.88.154 cajamar.es
O1 - Hosts: 61.129.88.154 http://www.cajamar.com
O1 - Hosts: 61.129.88.154 cajamar.com
O1 - Hosts: 61.129.88.154 http://www.unicaja.es
O1 - Hosts: 61.129.88.154 unicaja.es
O1 - Hosts: 61.129.88.154 http://www.unicaja.com
O1 - Hosts: 61.129.88.154 unicaja.com
O1 - Hosts: 61.129.88.154 http://www.caixagalicia.es
O1 - Hosts: 61.129.88.154 caixagalicia.es
O1 - Hosts: 61.129.88.154 http://www.caixagalicia.com
O1 - Hosts: 61.129.88.154 caixagalicia.com
O1 - Hosts: 61.129.88.154 activa.caixagalicia.es
O1 - Hosts: 61.129.88.154 http://www.caixapenedes.es
O1 - Hosts: 61.129.88.154 caixapenedes.es
O1 - Hosts: 61.129.88.154 http://www.caixapenedes.com
O1 - Hosts: 61.129.88.154 caixapenedes.com
O1 - Hosts: 61.129.88.154 bancae.caixapenedes.com
O1 - Hosts: 61.129.88.154 http://www.caixasabadell.es
O1 - Hosts: 61.129.88.154 caixasabadell.es
O1 - Hosts: 61.129.88.154 http://www.caixasabadell.net
O1 - Hosts: 61.129.88.154 caixasabadell.net
O1 - Hosts: 61.129.88.154 http://www.cajamadrid.es
O1 - Hosts: 61.129.88.154 cajamadrid.es
O1 - Hosts: 61.129.88.154 http://www.cajamadrid.com
O1 - Hosts: 61.129.88.154 cajamadrid.com
O1 - Hosts: 61.129.88.154 oi.cajamadrid.es
O1 - Hosts: 61.129.88.154 http://www.ccm.es
O1 - Hosts: 61.129.88.154 ccm.es
O1 - Hosts: 61.129.88.154 http://www.haspa.de
O1 - Hosts: 61.129.88.154 haspa.de
O1 - Hosts: 61.129.88.154 ssl2.haspa.de
O1 - Hosts: 61.129.88.154 http://www.dresdner-bank.de
O1 - Hosts: 61.129.88.154 dresdner-bank.de
O1 - Hosts: 61.129.88.154 http://www.dresdner-privat.de
O1 - Hosts: 61.129.88.154 postbank.de
O1 - Hosts: 61.129.88.154 http://www.postbank.de
O1 - Hosts: 61.129.88.154 banking.postbank.de
O1 - Hosts: 61.129.88.154 http://www.sparda-b.de
O1 - Hosts: 61.129.88.154 sparda-b.de
O1 - Hosts: 61.129.88.154 http://www.bankingonline.de
O1 - Hosts: 61.129.88.154 http://www.raiffeisenbank-erding.de
O1 - Hosts: 61.129.88.154 raiffeisenbank-erding.de
O1 - Hosts: 61.129.88.154 http://www.vr-networld-ebanking.de
O1 - Hosts: 61.129.88.154 vr-networld-ebanking.de
O1 - Hosts: 61.129.88.154 http://www.bnhof.de
O1 - Hosts: 61.129.88.154 bnhof.de
O1 - Hosts: 61.129.88.154 http://www.deutsche-bank.de
O1 - Hosts: 61.129.88.154 deutsche-bank.de
O1 - Hosts: 61.129.88.154 meine.deutsche-bank.de
O1 - Hosts: 61.129.88.154 http://www.citibank.de
O1 - Hosts: 61.129.88.154 citibank.de
O1 - Hosts: 61.129.88.154 http://www.dkb.de
O1 - Hosts: 61.129.88.154 dkb.de
O1 - Hosts: 61.129.88.154 http://www.sparkasse-regensburg.de
O1 - Hosts: 61.129.88.154 sparkasse-regensburg.de
O1 - Hosts: 61.129.88.154 http://www.berliner-bank.de
O1 - Hosts: 61.129.88.154 berliner-bank.de
O1 - Hosts: 61.129.88.154 http://www.berliner-sparkasse.de
O1 - Hosts: 61.129.88.154 berliner-sparkasse.de
O1 - Hosts: 61.129.88.154 http://www.wellsfargo.com
O1 - Hosts: 61.129.88.154 wellsfargo.com
O1 - Hosts: 61.129.88.154 http://www.bankofamerica.com
O1 - Hosts: 61.129.88.154 bankofamerica.com
O1 - Hosts: 61.129.88.154 http://www.usbank.com
O1 - Hosts: 61.129.88.154 usbank.com
O1 - Hosts: 61.129.88.154 http://www.bankone.com
O1 - Hosts: 61.129.88.154 bankone.com
O1 - Hosts: 61.129.88.154 http://www.citibank.com
O1 - Hosts: 61.129.88.154 citibank.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [CreativeMixer] C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t
O4 - HKLM…\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [Windows Helper] C:\WINDOWS\System32\svchozt.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip…{AE1CE626-5A05-4336-BE93-AE78841958DD}: NameServer = 217.237.150.205 217.237.150.188
O20 - Winlogon Notify: scsiusr4 - C:\WINDOWS\SYSTEM32\scsiusr4.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: MicroSoft Media Tools - Unknown owner - C:\WINDOWS\MSmedia.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
z góry dziekuję