Moźe ktoś pomóc
Ustawia mi się strona stratowa http://greatsearch.biz/ i później ładują się róźne gówna. MKS, PANDA nic nie wykrywa, Ad–aware teź nie. Blokuje mi strone www.onet.pl.
Sprawdzałem kompa CWShredder i teź nic.
Z rejestru usunąłem wszystkie wpisy z greatsearch.biz i nic.
Po wejsciu na tą strone w katalogu windows tworzą się pliki dl.html, pc.exe i kilka innych w ktorych AVG wykrywa wirusa

Wrzucam loga z Hijacka moźe ktos bedzie widzaił o co chodzi.

Logfile of HijackThis v1.97.7
Scan saved at 12:03:44, on 2004–05–26
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1BEZPIE~1AVGavgserv.exe
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlcatelSpeedTouch USBDragdiag.exe
C:WINDOWSsoundman.exe
C:PROGRA~1BEZPIE~1AVGavgcc32.exe
C:Program FilesJavaj2re1.5.0injusched.exe
C:WINDOWSSystem32ctfmon.exe
C:WINDOWSSystem32devldr32.exe
C:Program FilesAVerTV2KQuickTV.exe
C:Program Files otalcmdTOTALCMD.EXE
c:HijackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://greatsearch.biz/
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://greatsearch.biz/
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://greatsearch.biz/
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://greatsearch.biz/
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = http://greatsearch.biz/
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = http://greatsearch.biz/
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesAlcatelSpeedTouch USBDragdiag.exe" /icon
O4 – HKLM..Run: [SoundMan] soundman.exe
O4 – HKLM..Run: [AVG_CC] C:PROGRA~1BEZPIE~1AVGavgcc32.exe /STARTUP
O4 – HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.5.0injusched.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – Global Startup: QuickTV.lnk = C:Program FilesAVerTV2KQuickTV.exe
O4 – Global Startup: TeleSA.lnk = C:Program FilesAVer TeletextAVerSA.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 – DPF: komentator – http://sport.onet.pl/komentator.cab
O16 – DPF: {166B1BCA–3F9C–11CF–8075–444553540000} (Shockwave ActiveX Control) – http://fpdownload.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {9F1C11AA–197B–4942–BA54–47A8489BB47F} (Update Class) – http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38037.4506134259
O16 – DPF: {A3009861–330C–4E10–822B–39D16EC8829D} (CRAVOnline Object) – http://www.ravantivirus.com/scan/ravonline.cab
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab