|
25-08-2008, 16:15
| #1 (permalink) | ||
| Grandfather of all Knowledge  Join Date: Feb 2006 Location: Bucharest | Blocare conexiune internet/HELP!
Salutare, Am o mica mare problema. La laptopul de serviciu, dupa un control de rutina cu NOD32-ul (pe care nu il am instalat permanent, din motiv lesne de inteles) am gasit 36 de virusi. Dupa curatare/delete-are, am urmatoarea problema: - conexiunea de net (retea, in spatele unui router hardware, ip luat prin dhcp) CADE dupa 10 minute de la logarea in Windows. Efectiv rezista (yahoo, browsing) 5-10 minute, dupa care nici macar gateway-ul nu imi mai raspunde la ping. IP-urile din retea raspund la ping  - real vnc-ul catre "home" ramane activ in ciuda acestei caderi a conexiunii (chiar si acum, scriu din remote, ca netul a cazut din nou  )- yahoo-ul ramane "agatat" - arata ca ar fi conectat, lista de useri ramane "fixa", nu se delogheaza - la restart (nu logoff-logon) netul isi revine Ce naiba are? Am dat si un Spybot S&D scan, am curatat niste adware-spyware si de atunci am problema asta. Daca e nevoie de vreun raport (ex. hijackthis), please ask. Va rog sa ma ajutati (incerc sa evit solutia cu it support si reinstalare de windows, din motive lesne de inteles). Multumesc anticipat.
__________________ The future ain't what it used to be. | ||
|
|
25-08-2008, 16:53
| #2 (permalink) | ||
| Grandfather of all Knowledge Join Date: Feb 2006 Location: Bucharest |
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:47:46, on 25.08.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\PLANET\Bluetooth Software\BTTray.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.26.249:8080 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\PLANET\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\PLANET\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\PLANET\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1140175288718 O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.86.94/xplugLite.cab O16 - DPF: {F0C46420-B50B-4BA1-ADBE-C1ECF47E0916} (XViewer Control) - http://192.168.86.126/XViewer.cab O16 - DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} (IPCAM2 Object) - http://192.168.86.72/view.cab O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\PLANET\Bluetooth Software\bin\btwdins.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 FontCache3.0.0.0COMSysApp (FontCache3.0.0.0COMSysApp) - Unknown owner - C:\WINDOWS\ O23 - Service: NetMeeting Remote Desktop Sharing mnmsrvcDnscache (mnmsrvcDnscache) - Unknown owner - C:\WINDOWS\ O23 - Service: NetMeeting Remote Desktop Sharing mnmsrvcWmi (mnmsrvcWmi) - Unknown owner - C:\WINDOWS\ O23 - Service: NT LM Security Support Provider NtLmSspNVSvc (NtLmSspNVSvc) - Unknown owner - C:\WINDOWS\ O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Locator RpcLocatorCOMSysApp (RpcLocatorCOMSysApp) - Unknown owner - C:\WINDOWS\ O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: MS Software Shadow Copy Provider SwPrvNetTcpPortSharing (SwPrvNetTcpPortSharing) - Unknown owner - C:\WINDOWS\ O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe O23 - Service: Windows Management Instrumentation Driver Extensions WmiMDM (WmiMDM) - Unknown owner - C:\WINDOWS\ O23 - Service: Security Center wscsvcCiSvc (wscsvcCiSvc) - Unknown owner - C:\WINDOWS\ O23 - Service: Network Provisioning Service xmlprovmnmsrvcDnscache (xmlprovmnmsrvcDnscache) - Unknown owner - C:\WINDOWS\ -- End of file - 8122 bytes
__________________ The future ain't what it used to be. | ||
|
| Advertisment | |
 |
|
| Thread Tools | |
|
|
