Problem Z Resetowaniem

yetis · 27 Czerwca 2005

Mam wielki problem z mojim XP gdyż samoczynnie resetuje się sprawdzałem metody z http://www.searchengines.pl/phpbb203/index...96entry132561 ale niemogłem nic znaleść a obraz z Hijackthis wygląda tak

Logfile of HijackThis v1.99.1

Scan saved at 17:42:38, on 2005-06-27

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\UAService7.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\System32\taskmgr.exe

C:\WINDOWS\regedit.exe

C:\WINDOWS\System32\dwwin.exe

C:\Downloads\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\System32\winserv.exe

O1 - Hosts: 127.0.0.3 fregat.drocherway.com

O1 - Hosts: 127.0.0.3 virgin-tgp.net

O1 - Hosts: 127.0.0.3 www.topsearch10.com

O1 - Hosts: 127.0.0.3 www.megapornix.com

O1 - Hosts: 127.0.0.3 www.virgin-tgp.net

O1 - Hosts: 127.0.0.3 autoescrowpay.com

O1 - Hosts: 127.0.0.3 www.autoescrowpay.com

O1 - Hosts: 127.0.0.3 iframeprofit.com

O1 - Hosts: 127.0.0.3 www.[ciach!]to.biz

O1 - Hosts: 127.0.0.3 www.iframeprofit.com

O1 - Hosts: 127.0.0.3 www.newiframe.biz

O1 - Hosts: 127.0.0.3 n-glx.s-redirect.com

O1 - Hosts: 127.0.0.3 slutmania.biz

O1 - Hosts: 127.0.0.3 iframe.biz

O1 - Hosts: 127.0.0.3 www.buldog-stats.com

O1 - Hosts: 127.0.0.3 buldog-stats.com

O1 - Hosts: 127.0.0.3 topcash.biz

O1 - Hosts: 127.0.0.3 www.slutmania.biz

O1 - Hosts: 127.0.0.3 www.nylonsexy.com

O1 - Hosts: 127.0.0.3 www.vxiframe.biz

O1 - Hosts: 127.0.0.3 www.awmdabest.com

O1 - Hosts: 127.0.0.3 www.vparivalka.com

O1 - Hosts: 127.0.0.3 sp2fucked.biz

O1 - Hosts: 127.0.0.3 www.greg-tut.com

O1 - Hosts: 127.0.0.3 greg-tut.com

O1 - Hosts: 127.0.0.3 www.statscash.biz

O1 - Hosts: 127.0.0.3 awmdabest.com

O1 - Hosts: 127.0.0.3 nylonsexy.com

O1 - Hosts: 127.0.0.3 www.toolbarpartner.com

O1 - Hosts: 127.0.0.3 allforadult.com

O1 - Hosts: 127.0.0.3 www.iframe.biz

O1 - Hosts: 127.0.0.3 vxiframe.biz

O1 - Hosts: 127.0.0.3 aaasexypics.com

O1 - Hosts: 127.0.0.3 www.sexfiles.nu

O1 - Hosts: 127.0.0.3 www.crazy-toolbar.com

O1 - Hosts: 127.0.0.3 newiframe.biz

O1 - Hosts: 127.0.0.3 megapornix.com

O1 - Hosts: 127.0.0.3 crazy-toolbar.com

O1 - Hosts: 127.0.0.3 loadcash.biz

O1 - Hosts: 127.0.0.3 awmcash.biz

O1 - Hosts: 127.0.0.3 statscash.biz

O1 - Hosts: 127.0.0.3 www.loadcash.biz

O1 - Hosts: 127.0.0.3 sexfiles.nu

O1 - Hosts: 127.0.0.3 vparivalka.com

O1 - Hosts: 127.0.0.3 toolbarpartner.com

O1 - Hosts: 127.0.0.3 counter.sexmaniack.com

O1 - Hosts: 127.0.0.3 www.topcash.biz

O1 - Hosts: 127.0.0.3 www.sp2fucked.biz

O1 - Hosts: 127.0.0.3 [ciach!]to.biz

O1 - Hosts: 127.0.0.3 topsearch10.com

O1 - Hosts: 127.0.0.3 www.allforadult.com

O1 - Hosts: 127.0.0.3 www.awmcash.biz

O1 - Hosts: 127.0.0.3 www.aaasexypics.com

O1 - Hosts: 127.0.0.3 www.vesbiz.biz

O1 - Hosts: 127.0.0.3 x.full-tgp.net

O1 - Hosts: 127.0.0.3 vesbiz.biz

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1045

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000

O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab

O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab

O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7AE03FD2-C673-4F43-8396-4401FF449F65}: NameServer = 194.204.152.34 217.98.63.164

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe

Kolobos · 27 Czerwca 2005

Probowales kiedys uzywac antyvirusa? eh...

Zainstaluj sobie:

http://download.microsoft.com/download/8/1...wareInstall.exe

http://www.avast.com/eng/avast_4_home.html

Przeskanuj system i usun wszystko co znajda.

W hijackthis usun te wpisy: