Log-reklamy i błąd:explorer.exe


(Sadekdawid) #1

Ostatnio wyskakują mio jakieś dziwne reklamy i błąd: explorer.exe, proszę o poradę:

Logfile of HijackThis v1.99.1

Scan saved at 14:22:37, on 2006-04-30

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\WINDOWS\System32\nvsvc32.exe

D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZONELABS\vsmon.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\PROGRA~1\NEOSTR~1\CnxMon.exe

C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

E:\Program Files\Winamp\winampa.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe

C:\PROGRA~1\NEOSTR~1\ComComp.exe

C:\WINDOWS\System32\wuauclt.exe

C:\PROGRA~1\NEOSTR~1\Watch.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Avant Browser\avant.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\explorer.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\Dawid\USTAWI~1\Temp\Rar$EX00.937\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll

O2 - BHO: SafeIE Utility - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\WINDOWS\System32\safeie.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

O4 - HKLM\..\Run: [Odkurzacz-MCD] E:\Program Files\Odkurzacz 10.1 Pro\odk_mcd.exe

O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe

O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

O8 - Extra context menu item: &Ściągnij wszystko za pomocą WellGeta - E:\Program Files\WellGet\nxall.htm

O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm

O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Otwórz w nowym Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm

O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - C:\Program Files\Avant Browser\OpenAllLinks.htm

O8 - Extra context menu item: Podświetl - C:\Program Files\Avant Browser\Highlight.htm

O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - E:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - E:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Ściągnij za pomocą &WellGeta - E:\Program Files\WellGet\nxcatch.htm

O9 - Extra button: WellGet - {35980F6E-A258-4E50-953D-813BB8556899} - E:\Program Files\WellGet\WellGet.exe

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\flashget.exe

O16 - DPF: {33331111-1111-1111-1111-611111193423} - 

O16 - DPF: {33331111-1111-1111-1111-611111193429} - 

O16 - DPF: {33331111-1111-1111-1111-611111193457} - 

O16 - DPF: {33331111-1111-1111-1111-615111193427} - 

O16 - DPF: {33331111-1111-1111-1111-622221193458} - 

O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{2A6F1B6B-1795-46A5-B747-14B8C6163687}: NameServer = 194.204.152.34 217.98.63.164

O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - C:\WINDOWS\System32\vbsys2.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Zmień tytuł temat inaczej KOSZ

Pozdrawiam Gutek2222


(Gblade) #2

Skasuj wpisy w hjt i pogrubione pliki w trybie awaryjnym z wyłączonym przywracaniem systemu

Możesz podać treść ?

Wrzuć loga z silent runners