

possible website hijack
Spyware Doctor found it for me, but so far I haven't managed to remove it. Thanks for your help.
And where did it find it?
Well, it came up again when the system restarted, only now trojan.dns-changer popped up, and when I delete it, it won't connect to the network.
Set your DNS correctly (network - properties - TCP/IP).
P.S. Where do you go to pick up these viruses?
2 in one day.
P.S. 2: Also try safe mode and scan the whole disk with SuperAntiSpyware.
But if I remove that DNS changer, it then starts flashing that new hardware "via" was found, and it tries to install it, but that doesn't work.
Man, what are you doing over there.
What exactly does it say, and what does the thing that starts "flashing" look like? If it finds the network card as new hardware, reinstall the network card driver.
Well, not just one... I have AVG 8 and it found nothing, Ad-Aware likewise nothing, Spybot also zero, but Spyware Doctor found as many as 8, which surprises me too.
Well, the main thing is that you have 4 Windows-slowing programs there that do damn all. Is that Spyware Doctor even reputable? Write exactly where it found what you mention. That is quite an important thing. I don't much like the look of that program if it removes your network card driver or whatever.
If I may, could you check my hijack list?
Copy the HJT log here (you may have to split it into several posts).
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\peter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\peter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\peter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\peter\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ig
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {bf23150a-b2ad-43e9-bdc0-6c0cc3d290d2} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\Program Files\Acronis\PrivacyExpert\PrivacyExpert\Blokování.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: (no name) - {bf23150a-b2ad-43e9-bdc0-6c0cc3d290d2} - (no file)
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [BM87274053] Rundll32.exe "C:\WINDOWS\system32\kmpgojfg.dll",s
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Acronis Blokování pop-up oken - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\Program Files\Acronis\PrivacyExpert\PrivacyExpert\Blokování.dll
O9 - Extra 'Tools' menuitem: Acronis Blokování pop-up oken - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\Program Files\Acronis\PrivacyExpert\PrivacyExpert\Blokování.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232626477593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232626461421
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: oakarqbs - C:\Documents and Settings\peter\Application Data\oakarqbs.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySql - Unknown owner - C:/PROGRA~1/PHP Home Edition 2/mysql/bin/mysqld-nt.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - 715.gif
Fix:
R3 - URLSearchHook: (no name) - {bf23150a-b2ad-43e9-bdc0-6c0cc3d290d2} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: (no name) - {bf23150a-b2ad-43e9-bdc0-6c0cc3d290d2} - (no file)
O4 - HKLM\..\Run: [BM87274053] Rundll32.exe "C:\WINDOWS\system32\kmpgojfg.dll",s
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\WINDOWS\System32\shdocvw.dll
O23 - Service: MySql - Unknown owner - C:/PROGRA~1/PHP Home Edition 2/mysql/bin/mysqld-nt.exe (file missing)
O24 - Desktop Component 0: (no name) - 715.gif
What other problems does the PC have?
Have you tried SuperAntiSpyware?
No driver for anything in my PC works; when I connect something (phone, webcam, MP3 player), it says new hardware was found, suddenly services.exe starts, memory usage goes up, and no driver can be installed at all; it keeps saying the installation must be completed, even though I never started one. :(
Also try that SAS.
What exactly does the message say? Doesn't it say which installation was not completed?
What does the Event Viewer say?
It doesn't say which one; only when it says new hardware was found and I want to go and install it, it tells me it can't because an installation is already in progress, but it doesn't say of what.
First I would turn off that Ad-Watch crap (ideally get rid of Ad-Aware entirely) and look at how big the hosts file is.
So I've turned off Ad-Watch or whatever it's called, and where do I find that hosts?
In Windows you can search for files and folders, don't you have that?
WINDOWS\system32\drivers\etc\
hosts is 291 788 and there are an awful lot of those hosts and numbers in it
Yes, with a giant hosts file (thank Ad-Aware), problems with services.exe are reported.
OK, thanks, and what do I do with it now?
Leave only the line 127.0.0.1 localhost there, delete the rest.
There are 21 hosts backup files, then lmhosts, networks, protocol, services, and one hosts of that size, 291 788; which ones should I delete?
In the hosts file, leave only the line mentioned above. The hosts file is named hosts.
Done. And now? Restart?
What now? That's all of it. Leave only that line and save. You can restart.
I owe you one; the webcam works and so does the rest, only I can't install Realtek; I have XP Prof. and SP3 and can't get it to run in any way.
Not many people will look for that here; better to try a new question.
You forgot:
O20 - Winlogon Notify: oakarqbs - C:\Documents and Settings\peter\Application Data\oakarqbs.dll
That looks like something nasty.
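The kind of triage the replies above apply to the posted HijackThis log, as an added example that is not part of the original thread and not HijackThis's own logic. The three heuristics and the names `triage`, `HEURISTICS` and `SAMPLE_LOG` are assumptions made for illustration; the sample lines are copied from the log in this thread.

```python
import re

# Constructed sample: a handful of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {bf23150a-b2ad-43e9-bdc0-6c0cc3d290d2} - (no file)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [BM87274053] Rundll32.exe "C:\WINDOWS\system32\kmpgojfg.dll",s
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: oakarqbs - C:\Documents and Settings\peter\Application Data\oakarqbs.dll
O23 - Service: MySql - Unknown owner - C:/PROGRA~1/PHP Home Edition 2/mysql/bin/mysqld-nt.exe (file missing)
"""

# A log entry is "<section code> - <rest>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY = re.compile(r"^(?P<code>[RO]\d+) - (?P<body>.*)$")

# Heuristics are assumptions for this example: (reason, predicate) pairs.
HEURISTICS = [
    ("orphaned entry, target file absent",
     lambda code, body: body.endswith(("(no file)", "(file missing)"))),
    ("Run key loads a DLL through rundll32",
     lambda code, body: code == "O4"
     and re.search(r'rundll32(\.exe)?\s+"?[^"]+\.dll', body, re.I)),
    ("Winlogon Notify DLL under a user-writable profile folder",
     lambda code, body: code == "O20"
     and re.search(r"\\(Application Data|Local Settings|Temp)\\", body, re.I)),
]

def triage(log_text):
    """Return (code, reason, body) for every entry that trips a heuristic."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # process list, blank lines, headers
        for reason, test in HEURISTICS:
            if test(m["code"], m["body"]):
                findings.append((m["code"], reason, m["body"]))
    return findings

if __name__ == "__main__":
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"{code:>3}  {reason}\n     {body}")
```

A flagged line is a prompt to look at the file, not a verdict; legitimate software also leaves orphaned entries behind after an uninstall.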
Same for me, it can't be quarantined or removed. Can you advise how to deal with it??
Probably not, when you can't write anything about your operating system or antivirus program, copy the message exactly, or say which program is displaying it.