Jakob
9 Październik 2006 15:14
#1
Mam dość spory problem z siecią lokalną. Przez pewien czas miałem komputer w serwisie, kiedy przyszedł z nowym dyskiem, zainstalowałem Windowsa XP Pro, później sterowniki. I tu pojawia sie problem. Gadu-gadu działa, ale jakikolwiek klient pocztowy już nie. Podobnie nie działąją żadne przeglądarki internetowe. Sytuacja sie poprawia kiedy włączam tryb awaryjny z obsługą sieci. Wtedy wszystko jest OK. Dodam że nie mam SP2, ani antywirusa.
Log z trybu “normalnego”:
Logfile of HijackThis v1.99.1 Scan saved at 17:10:05, on 2006-10-09 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\serv454.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\stisv.pif C:\WINDOWS\System32\dqjq.exe C:\Program Files\WinFast\WFTVFM\WFWIZ.exe C:\WINDOWS\System32\m2rcx.exe C:\WINDOWS\System32\fdfocxso.exe C:\WINDOWS\System32\suvsi.exe C:\WINDOWS\System32\fovdtvv.exe C:\WINDOWS\System32\m2rcx.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Gadu-Gadu\gg.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\System32\fovdtvv.exe C:\windows\fonts\ntprint.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Documents and Settings\Administrator\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [routing] fdfocxso.exe O4 - HKLM…\Run: [Adobe Pro] stisv.pif O4 - HKLM…\Run: [msng] dqjq.exe O4 - HKLM…\Run: [s3v3n777] C:\WINDOWS\System32\regxx.exe O4 - HKLM…\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe O4 - HKLM…\Run: [RPC Service] suvsi.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [Ksv Update] fovdtvv.exe O4 - HKLM…\Run: [Rout111] serv454.exe O4 - HKLM…\Run: [sECRETXSERVICE] C:\WINDOWS\System32\m2rcx.exe O4 - HKLM…\RunServices: [routing] fdfocxso.exe O4 - HKLM…\RunServices: [Adobe Pro] stisv.pif O4 - HKLM…\RunServices: [msng] dqjq.exe O4 - HKLM…\RunServices: [RPC Service] suvsi.exe O4 - HKLM…\RunServices: [Ksv Update] fovdtvv.exe O4 - HKLM…\RunServices: [Rout111] serv454.exe O4 - HKLM…\RunOnce: [Rout111] serv454.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h O4 - HKCU…\Run: [Ksv Update] fovdtvv.exe O4 - HKCU…\Run: [Rout111] serv454.exe O4 - HKCU…\Run: [Microsoft Windows] c:\windows\fonts\ntprint.exe O4 - HKCU…\RunOnce: [Rout111] serv454.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Log z trybu awaryjnego:
Logfile of HijackThis v1.99.1 Scan saved at 17:08:06, on 2006-10-09 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Administrator\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [routing] fdfocxso.exe O4 - HKLM…\Run: [Adobe Pro] stisv.pif O4 - HKLM…\Run: [msng] dqjq.exe O4 - HKLM…\Run: [s3v3n777] C:\WINDOWS\System32\regxx.exe O4 - HKLM…\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe O4 - HKLM…\Run: [RPC Service] suvsi.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [Ksv Update] fovdtvv.exe O4 - HKLM…\Run: [Rout111] serv454.exe O4 - HKLM…\Run: [sECRETXSERVICE] C:\WINDOWS\System32\m2rcx.exe O4 - HKLM…\RunServices: [routing] fdfocxso.exe O4 - HKLM…\RunServices: [Adobe Pro] stisv.pif O4 - HKLM…\RunServices: [msng] dqjq.exe O4 - HKLM…\RunServices: [RPC Service] suvsi.exe O4 - HKLM…\RunServices: [Ksv Update] fovdtvv.exe O4 - HKLM…\RunServices: [Rout111] serv454.exe O4 - HKLM…\RunOnce: [Rout111] serv454.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h O4 - HKCU…\Run: [Ksv Update] fovdtvv.exe O4 - HKCU…\Run: [Rout111] serv454.exe O4 - HKCU…\Run: [Microsoft Windows] c:\windows\fonts\ntprint.exe O4 - HKCU…\RunOnce: [Rout111] serv454.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe