PCTuning fórum

Před několika dny se mi začalo oběvovat okno "advertisment" různá reklama atd. pokaždé když jsem na internetu tak se objevý pod otevřeným oknem internetu. Takže na to asi nepůsobí blokování oken v internetu. Projel jsem to Nodem 32, Spybotem, vymazal jsem historii netu, temp files a furt to tam je už si nevím rady. Mám Explorer 7.0. Předem díky za odpověď.

hod sem log z HijackThis

HijackThis stahneš tady-
http://www.bleepingcomputer.com/files/M ... ckThis.zip
rozbal do vlastní složky,spusť,klikni na "Do a system scan and save a logfile"
Vygenerovaný texťák zkopíruj sem.

Logfile of HijackThis v1.99.1
Scan saved at 11:40:19, on 11.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Programs\VirtualCloneDrive\VCDDaemon.exe
C:\Programs\Power DVD\PDVDServ.exe
C:\Program Files\Common Files\{20D8DA06-089D-1029-0823-0403082001a4}\Update.exe
C:\Program Files\Ipwindows\ipwins.exe
C:\Programs\Logitech Cam\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSI\Star Key Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Programs\Logitech Cam\FxSvr2.exe
C:\PROGRA~1\MSI\STARKE~1\BTSTAC~1.EXE
C:\Program Files\MSI\Star Key Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchosts.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Programs\ICQLite\ICQLite.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/3.0.0.198/cs/exitsurvey?
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programs\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programs\BitComet\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programs\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Programy\PCTRAN~1\WEBIE.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programs\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programs\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [RemoteControl] "C:\Programs\Power DVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Programs\Power DVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Soft Power ShutDown] C:\Programs\SoftPowerShutDown\SoftPowerShutDown.exe
O4 - HKLM\..\Run: [{20D8DA06-089D-1029-0823-0403082001a4}] "C:\Program Files\Common Files\{20D8DA06-089D-1029-0823-0403082001a4}\Update.exe" te-110-12-0000257
O4 - HKLM\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [{20D8DA06-089C-1029-0823-0403082001a4}] "C:\Program Files\Common Files\{20D8DA06-089C-1029-0823-0403082001a4}\Update.exe" te-110-12-0000257
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programs\Logitech Cam\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programs\Logitech Cam\LogiTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Programs\Logitech Cam\ManifestEngine.exe" boot
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programs\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programs\Reader\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Programs\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Programs\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Programs\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Star Key Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programs\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programs\ICQLite\ICQLite.exe
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Programy\PCTRAN~1\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\Star Key Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\Star Key Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D8BDA8-2046-4A42-8727-31945E661F0E}: NameServer = 81.90.168.3,212.96.161.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\Star Key Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

Tuky píše: C:\Program Files\Common Files\{20D8DA06-089D-1029-0823-0403082001a4}\Update.exe
C:\Program Files\Ipwindows\ipwins.exe
C:\WINDOWS\system32\svchosts.exe

O4 - HKLM\..\Run: [{20D8DA06-089D-1029-0823-0403082001a4}] "C:\Program Files\Common Files\{20D8DA06-089D-1029-0823-0403082001a4}\Update.exe" te-110-12-0000257
O4 - HKLM\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [{20D8DA06-089C-1029-0823-0403082001a4}] "C:\Program Files\Common Files\{20D8DA06-089C-1029-0823-0403082001a4}\Update.exe" te-110-12-0000257

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

tyhle věci bych viděl jako problémový. u většiny si nejsem jistej, ale ty tučný rozhodně zrubat

Tak jsem smáznul to svchosts.exe a furt to dělá mám smáznout i ty ostatní co tady uvádíš. Ale aby jse mi nepoj.... komp. Nerad bych to formátoval.

Tvuj hlavni problem nejspis bude programek ipwins.exe, tak ze komplet pryc. Jinac vse dalsi vypsany ke smaznuti jsou zytecnosti, smazat. Plus bych ještě přidal:O4 - Global Startup: Bluetooth.lnk = ? (ale ničemu to nevadí) a taky se mi nelíbí O4 - HKLM\..\Run: [Soft Power ShutDown] C:\Programs\SoftPowerShutDown\SoftPowerShutDown.exe - takže pokud to není probrámek, který jsi si tam sám nainstaloval a používáš ho, tak bych ho smazal. Sice by to měl být regulérní program, ale protože neni skoro vubec rozsireny, tak bych se nedivil, že dělá nějakou neplechu.

Tak je to asi vyřešeno smáznul jsem ten shit " ipwins.exe " a vypadá to že to bude o.k. A k tomu SoftPowerShutDown.exe, to je mnou nainstalovaný program od jednoho mazáka kterej to vymyslel na vypínání kompu.

Tak OK.
Ja jen ze ten programek neni tolik rozsireny. Pokud nedela neplechu, tak v pohode.