Proces "system" Zużywa Proca

[faro666]

Od jakiegoś czasu proces ten powoduje mulenie się systemu, po zlookaniu w Process Explorer wyszło że winowajcą jest nie jaki "ntkrnlpa.exe"

Co można zrobić?

Z góry dzięki za pomoc.

Pozdrawiam

 

EDIT:

Po napisaniu posta olśniło mnie i odłączyłem kabel LAN od laptopa i wszystko wróciło do normy... jak można ustawić windowsa żeby taka akcja nie miala miejsca??

Edytowane 1 Sierpnia 2009 przez faro666

[Kolobos]

Nie masz zainfekowanego systemu? Zrob skan przy pomocy Dr.Web CureIt oraz Malwarbytes Anti-Malware.

Daj log z combofix. Uzyj tez HdTune i daj screeny ze wszystkich zakladek programu.

[kupon]

Przeglądałem forum i z ciekawości zainstalowałem ten program.Ku mojemu zdziwieniu okazało sie,że mam infekcje.Niestety nie mogę zrozumieć skąd się wzieło P2P bo nieściągam nic ze stron niepolecanych.Nie zauważyłem aby ten program miał funkcje kasowania znalezionych obiektów.

Edytowane 2 Sierpnia 2009 przez kupon

[faro666]

LOG ComboFIXa

 

ComboFix 09-08-01.02 - Paweł 2009-08-02  1:18.1.2 - NTFSx86Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1250.48.1045.18.2042.1347 [GMT 2:00]Uruchomiony z: c:\users\Paweł\Desktop\ComboFix.exeSP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\temp.exe.(((((((((((((((((((((((((   Pliki utworzone od 2009-07-01 do 2009-08-01  ))))))))))))))))))))))))))))))).2009-08-01 23:24 . 2009-08-01 23:24	--------	d-----w-	c:\users\Administrator\AppData\Local\temp2009-08-01 22:57 . 2009-07-03 14:49	64160	----a-w-	c:\windows\system32\drivers\Lbd.sys2009-08-01 22:57 . 2009-08-01 22:57	--------	dc-h--w-	c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}2009-08-01 22:57 . 2009-07-08 17:28	2920112	-c--a-w-	c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe2009-08-01 22:56 . 2009-08-01 22:56	--------	d-----w-	c:\program files\Lavasoft2009-08-01 22:56 . 2009-08-01 22:57	--------	d-----w-	c:\programdata\Lavasoft2009-07-28 08:21 . 2008-07-12 06:18	3851784	----a-w-	c:\windows\system32\D3DX9_39.dll2009-07-26 18:03 . 2009-08-01 20:29	--------	d-----w-	c:\programdata\Media Center Programs2009-07-19 16:24 . 2009-06-15 14:53	156672	----a-w-	c:\windows\system32\t2embed.dll2009-07-19 16:24 . 2009-06-15 14:52	23552	----a-w-	c:\windows\system32\lpk.dll2009-07-19 16:24 . 2009-06-15 14:52	72704	----a-w-	c:\windows\system32\fontsub.dll2009-07-19 16:24 . 2009-06-15 14:51	10240	----a-w-	c:\windows\system32\dciman32.dll2009-07-19 16:24 . 2009-06-15 12:42	289792	----a-w-	c:\windows\system32\atmfd.dll2009-07-11 15:29 . 2009-07-11 15:29	--------	d-----w-	c:\windows\system32\ca-ES2009-07-11 15:29 . 2009-07-11 15:29	--------	d-----w-	c:\windows\system32\eu-ES2009-07-11 15:29 . 2009-07-11 15:29	--------	d-----w-	c:\windows\system32\vi-VN2009-07-11 15:07 . 2009-07-11 15:07	--------	d-----w-	c:\windows\system32\EventProviders2009-07-11 15:02 . 2009-04-11 06:28	978432	----a-w-	c:\windows\system32\drmv2clt.dll2009-07-11 15:01 . 2009-04-11 06:28	996352	----a-w-	c:\windows\system32\WMNetMgr.dll2009-07-11 15:00 . 2009-04-11 06:28	34304	----a-w-	c:\windows\system32\wshbth.dll2009-07-11 14:59 . 2009-04-11 06:28	218624	----a-w-	c:\windows\system32\wdscore.dll2009-07-11 14:59 . 2009-04-11 06:27	130560	----a-w-	c:\windows\system32\PkgMgr.exe2009-07-11 14:58 . 2009-04-11 06:28	247808	----a-w-	c:\windows\system32\drvstore.dll2009-07-07 20:34 . 2009-07-07 20:34	56	---ha-w-	c:\windows\system32\ezsidmv.dat2009-07-07 18:41 . 2009-07-07 18:41	--------	d-----w-	c:\program files\Common Files\Skype2009-07-07 18:41 . 2009-07-07 18:42	--------	d-----r-	c:\program files\Skype2009-07-07 18:41 . 2009-07-07 18:41	--------	d-----w-	c:\programdata\Skype.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-08-01 23:06 . 2008-01-21 06:20	662056	----a-w-	c:\windows\system32\perfh015.dat2009-08-01 23:06 . 2008-01-21 06:20	126908	----a-w-	c:\windows\system32\perfc015.dat2009-08-01 22:58 . 2009-05-03 18:47	12	----a-w-	c:\windows\bthservsdp.dat2009-08-01 20:28 . 2009-04-07 14:23	--------	d--h--w-	c:\program files\InstallShield Installation Information2009-08-01 10:14 . 2009-05-06 06:17	--------	d-----w-	c:\program files\Microsoft Silverlight2009-07-27 09:50 . 2009-05-17 13:56	189768	----a-w-	c:\windows\system32\PnkBstrB.exe2009-07-27 09:43 . 2009-05-17 13:56	137928	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys2009-07-21 21:52 . 2009-07-29 09:36	915456	----a-w-	c:\windows\system32\wininet.dll2009-07-21 21:47 . 2009-07-29 09:36	109056	----a-w-	c:\windows\system32\iesysprep.dll2009-07-21 21:47 . 2009-07-29 09:36	71680	----a-w-	c:\windows\system32\iesetup.dll2009-07-21 20:13 . 2009-07-29 09:36	133632	----a-w-	c:\windows\system32\ieUnatt.exe2009-07-19 17:44 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail2009-07-19 16:37 . 2009-05-18 21:45	--------	d-----w-	c:\programdata\Microsoft Help2009-07-11 15:29 . 2006-11-02 12:35	--------	d-----w-	c:\program files\Windows Calendar2009-07-11 15:29 . 2006-11-02 12:35	--------	d-----w-	c:\program files\Windows Sidebar2009-07-11 15:29 . 2006-11-02 12:35	--------	d-----w-	c:\program files\Windows Collaboration2009-07-11 15:29 . 2006-11-02 12:35	--------	d-----w-	c:\program files\Windows Photo Gallery2009-07-11 15:29 . 2006-11-02 12:35	--------	d-----w-	c:\program files\Windows Defender2009-07-11 15:29 . 2006-11-02 10:25	665600	----a-w-	c:\windows\inf\drvindex.dat2009-07-11 15:18 . 2006-11-02 12:35	37665	----a-w-	c:\windows\Fonts\GlobalUserInterface.CompositeFont2009-06-25 22:09 . 2009-06-25 22:09	--------	d-----w-	c:\programdata\Activision2009-06-19 19:05 . 2009-06-19 19:05	--------	d-----w-	c:\program files\Atari2009-06-16 19:59 . 2009-06-16 19:59	--------	d-----w-	c:\programdata\ATI2009-06-16 19:58 . 2009-06-13 12:08	--------	d-----w-	c:\program files\ATI Technologies2009-06-16 17:07 . 2009-06-19 05:03	117136	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys2009-06-16 17:07 . 2009-06-19 05:02	41424	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys2009-06-16 17:07 . 2009-06-16 17:07	91280	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys2009-06-14 18:28 . 2009-06-14 18:28	--------	d-----w-	c:\program files\Common Files\ATI Technologies2009-06-14 18:03 . 2009-06-13 12:08	--------	d-----w-	c:\program files\ATI2009-06-13 09:25 . 2009-06-13 09:25	--------	d-----w-	c:\program files\XviD2009-06-10 18:14 . 2009-04-07 14:21	410984	----a-w-	c:\windows\system32\deploytk.dll2009-06-09 20:35 . 2009-06-09 20:35	278984	----a-w-	c:\windows\system32\drivers\atksgt.sys2009-06-09 20:35 . 2009-06-09 20:35	25416	----a-w-	c:\windows\system32\drivers\lirsgt.sys2009-06-03 20:06 . 2009-06-03 20:05	--------	d-----w-	c:\program files\QuickTime2009-06-03 20:05 . 2009-06-03 20:05	--------	d-----w-	c:\programdata\Apple Computer2009-06-03 20:05 . 2009-06-03 20:05	--------	d-----w-	c:\program files\Apple Software Update2009-06-03 20:05 . 2009-06-03 20:05	--------	d-----w-	c:\programdata\Apple2009-05-31 13:34 . 2009-05-02 18:25	413696	----a-w-	c:\windows\system32\wrap_oal.dll2009-05-31 13:34 . 2009-05-02 18:25	110592	----a-w-	c:\windows\system32\OpenAL32.dll2009-05-26 12:34 . 2009-05-26 12:34	1700352	----a-w-	c:\windows\system32\gdiplus.dll2009-05-26 12:32 . 2009-05-26 12:32	107888	----a-w-	c:\windows\system32\CmdLineExt.dll2009-05-23 16:49 . 2009-05-23 16:49	114048	----a-w-	c:\windows\system32\drivers\snapman.sys2009-05-23 09:02 . 2009-05-23 09:02	86832	----a-w-	c:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT2009-05-22 07:23 . 2009-05-22 07:23	385024	----a-w-	c:\windows\system32\srkey.exe2009-05-17 13:56 . 2009-05-17 13:56	75064	----a-w-	c:\windows\system32\PnkBstrA.exe2009-05-16 04:01 . 2009-05-16 04:01	4933632	----a-w-	c:\windows\system32\drivers\atikmdag.sys2009-05-16 03:24 . 2009-05-16 03:24	442368	----a-w-	c:\windows\system32\ATIDEMGX.dll2009-05-16 03:24 . 2009-05-16 03:24	335872	----a-w-	c:\windows\system32\atieclxx.exe2009-05-16 03:23 . 2009-05-16 03:23	176128	----a-w-	c:\windows\system32\atiesrxx.exe2009-05-16 03:22 . 2009-04-07 23:56	159744	----a-w-	c:\windows\system32\atitmmxx.dll2009-05-16 03:22 . 2009-04-07 23:56	356352	----a-w-	c:\windows\system32\atipdlxx.dll2009-05-16 03:22 . 2009-05-16 03:22	278528	----a-w-	c:\windows\system32\Oemdspif.dll2009-05-16 03:22 . 2009-05-16 03:22	11776	----a-w-	c:\windows\system32\atimuixx.dll2009-05-16 03:22 . 2009-05-16 03:22	43520	----a-w-	c:\windows\system32\ati2edxx.dll2009-05-16 03:19 . 2009-05-16 03:19	2411008	----a-w-	c:\windows\system32\atidxx32.dll2009-05-16 03:08 . 2009-04-07 23:56	3064832	----a-w-	c:\windows\system32\atiumdag.dll2009-05-16 02:53 . 2009-04-07 23:56	2847744	----a-w-	c:\windows\system32\atiumdva.dll2009-05-16 02:42 . 2009-05-16 02:42	51712	----a-w-	c:\windows\system32\atimpc32.dll2009-05-16 02:42 . 2009-05-16 02:42	51712	----a-w-	c:\windows\system32\amdpcom32.dll2009-05-16 02:41 . 2009-05-16 02:41	172032	----a-w-	c:\windows\system32\atiadlxx.dll2009-05-16 02:40 . 2009-05-16 02:40	11376640	----a-w-	c:\windows\system32\atioglxx.dll2009-05-16 02:27 . 2009-05-16 02:27	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll2009-05-16 02:00 . 2009-05-16 02:00	53248	----a-w-	c:\windows\system32\aticalrt.dll2009-05-16 02:00 . 2009-05-16 02:00	53248	----a-w-	c:\windows\system32\aticalcl.dll2009-05-16 01:59 . 2009-05-16 01:59	3174400	----a-w-	c:\windows\system32\aticaldd.dll2009-05-05 19:33 . 2009-05-05 19:33	118784	----a-w-	c:\windows\system32\atibtmon.exe2009-07-19 18:56 . 2009-05-02 12:57	137208	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll2009-04-07 14:31 . 2009-04-07 14:31	75	--sh--r-	c:\windows\CT4CET.bin2009-04-07 23:36 . 2009-04-07 23:31	8192	--sha-w-	c:\windows\Users\Default\NTUSER.DAT.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DU Meter"="c:\instalacje\Programy\DU Meter\DUMeter.exe" [2008-06-10 2645528][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608]"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-10 148888]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-16 483428]"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]c:\users\Pawe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quickset.exe - skr˘t.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-5-13 809488][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableLUA"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]@="Service"[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]"VistaSp2"=hex(b):ab,98,3e,62,3d,02,ca,01[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2459798520-3030190099-2410439410-1000]"EnableNotificationsRef"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]"{3C79F63E-0711-4C2B-BC25-E5AB0A26AEE2}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect"{E90D5625-C4AE-4E08-9363-41CF7DCB441B}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program"{EF2E7093-75E0-4DA0-8FAB-5C164FF60154}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine"{7599F500-A913-47CC-8AC1-190AFCB4733F}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server"TCP Query User{7817268C-E8C1-4BF3-B95E-984D5E99B7E7}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary"UDP Query User{625CAE11-06D8-48DA-9B60-77A697D02C9E}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary"TCP Query User{62B77CDA-5A6A-451A-9EE2-F78C4386C4F3}c:\\instalacje\\programy\\flashget universal\\flashget.exe"= UDP:c:\instalacje\programy\flashget universal\flashget.exe:flashget"UDP Query User{D6F24126-E7F8-4C44-A253-533C656C2619}c:\\instalacje\\programy\\flashget universal\\flashget.exe"= TCP:c:\instalacje\programy\flashget universal\flashget.exe:flashget"TCP Query User{871C0943-A675-4CD5-B4F6-2C17AAB3EBA5}c:\\instalacje\\programy\\wapster aqq\\aqq.exe"= UDP:c:\instalacje\programy\wapster aqq\aqq.exe:AQQ"UDP Query User{15D7773D-C4BE-4B0A-B205-128D9BA16E7A}c:\\instalacje\\programy\\wapster aqq\\aqq.exe"= TCP:c:\instalacje\programy\wapster aqq\aqq.exe:AQQ"TCP Query User{B1CF0089-6D6F-4920-AF53-C96B935F92A6}c:\\instalacje\\programy\\wapster aqq\\aqq.exe"= UDP:c:\instalacje\programy\wapster aqq\aqq.exe:AQQ"UDP Query User{C7A484AC-526F-40B7-BB96-95A0B45720FF}c:\\instalacje\\programy\\wapster aqq\\aqq.exe"= TCP:c:\instalacje\programy\wapster aqq\aqq.exe:AQQ"TCP Query User{72FC88F6-A574-404A-A4E8-5D86170F617C}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary"UDP Query User{7B09B526-2C60-4162-9EF1-9F6352C10AC2}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary"TCP Query User{2A16813B-7B01-4239-B62E-271664E43414}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary"UDP Query User{B3F9A1B7-CD5E-46E0-9F23-B2DF95F3DDDC}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary"TCP Query User{98000B6D-31FB-4330-9911-AAA06212B4A9}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary"UDP Query User{38553E17-9BAF-442C-88F2-1D5B5D53F2EA}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary"TCP Query User{43330EBF-C311-47A3-A542-24E452209D77}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary"UDP Query User{01F45154-963D-4143-9BFD-60374C2C6FF1}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary"TCP Query User{0DED8146-F7ED-428F-9011-2EC9866CDF95}c:\\instalacje\\gry\\call\\cod2mp_s.exe"= UDP:c:\instalacje\gry\call\cod2mp_s.exe:CoD2MP_s"UDP Query User{AB5D6F84-D79C-4521-8082-B155EB2E8410}c:\\instalacje\\gry\\call\\cod2mp_s.exe"= TCP:c:\instalacje\gry\call\cod2mp_s.exe:CoD2MP_s"TCP Query User{8FA4F460-913E-4E7F-B6C9-A352CA9113FA}c:\\instalacje\\programy\\flashget universal\\flashget.exe"= UDP:c:\instalacje\programy\flashget universal\flashget.exe:flashget"UDP Query User{4B420CA8-3458-4687-BBB0-DD2AC4A008BB}c:\\instalacje\\programy\\flashget universal\\flashget.exe"= TCP:c:\instalacje\programy\flashget universal\flashget.exe:flashget"TCP Query User{9DA2B2AE-B6FD-4D34-9626-4D069491C137}c:\\instalacje\\programy\\revconnect\\dcplusplus.exe"= UDP:c:\instalacje\programy\revconnect\dcplusplus.exe:DC++"UDP Query User{6F157E8F-CD59-48A3-833C-A46DEDF8303F}c:\\instalacje\\programy\\revconnect\\dcplusplus.exe"= TCP:c:\instalacje\programy\revconnect\dcplusplus.exe:DC++"{BC6014BA-8230-4DAB-8AF8-921536A135C1}"= UDP:c:\instalacje\Gry\wolf\Binaries\Wolverine.exe:X-Men Origins - Wolverine"{FA4D6A96-F7D6-4042-9171-9C26330451F0}"= TCP:c:\instalacje\Gry\wolf\Binaries\Wolverine.exe:X-Men Origins - Wolverine"TCP Query User{920D671C-477E-4471-8630-12791DE62ABD}c:\\users\\paweł\\desktop\\openarena-0.8.1\\openarena.exe"= UDP:c:\users\paweł\desktop\openarena-0.8.1\openarena.exe:openarena.exe"UDP Query User{FF42157C-BC97-442F-90EB-51057B5C3732}c:\\users\\paweł\\desktop\\openarena-0.8.1\\openarena.exe"= TCP:c:\users\paweł\desktop\openarena-0.8.1\openarena.exe:openarena.exe"TCP Query User{A645EB8D-EA3A-4C7E-9934-EC8A57A52EC1}c:\\instalacje\\gry\\kwakiszon3\\quake3.exe"= UDP:c:\instalacje\gry\kwakiszon3\quake3.exe:quake3"UDP Query User{8A908E3E-DE30-48CE-8A0F-27DD17977C23}c:\\instalacje\\gry\\kwakiszon3\\quake3.exe"= TCP:c:\instalacje\gry\kwakiszon3\quake3.exe:quake3"TCP Query User{0F0C541E-72F0-44D2-B5FF-CB9753F638FF}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus"UDP Query User{3A5DD49B-27E3-4D3C-8B90-1C880756DC4A}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus"TCP Query User{FF10AF16-4226-424D-B704-E85D85007EDE}c:\\program files\\java\\jre6\\launch4j-tmp\\frd.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\frd.exe:Java(TM) Platform SE binary"UDP Query User{0B539150-9B75-4FE8-9428-8165072AFC98}c:\\program files\\java\\jre6\\launch4j-tmp\\frd.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\frd.exe:Java(TM) Platform SE binary"TCP Query User{58D62B04-2DBA-4C49-9BFC-570323E7802B}c:\\program files\\java\\jre6\\launch4j-tmp\\frd.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\frd.exe:Java(TM) Platform SE binary"UDP Query User{32B3D364-6C6A-4232-857E-0B6C539957CB}c:\\program files\\java\\jre6\\launch4j-tmp\\frd.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\frd.exe:Java(TM) Platform SE binary"TCP Query User{EDB6786E-EAA3-40B9-B70C-EAE7042FBE6C}c:\\instalacje\\gry\\iv\\grand theft auto iv\\gtaiv.exe"= UDP:c:\instalacje\gry\iv\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV"UDP Query User{6F7B003B-5AD8-4D9C-8C7B-E525EFA198ED}c:\\instalacje\\gry\\iv\\grand theft auto iv\\gtaiv.exe"= TCP:c:\instalacje\gry\iv\grand theft auto iv\gtaiv.exe:Grand Theft Auto IV"{341372E9-6858-495F-A4AF-DC5F21F21026}"= UDP:c:\instalacje\Gry\Stardock Games\Demigod\bin\Demigod.exe:Demigod"{A7B65030-2935-4EE8-8E42-65B4D04414D0}"= TCP:c:\instalacje\Gry\Stardock Games\Demigod\bin\Demigod.exe:Demigod"TCP Query User{5F269CCA-98A8-45A9-8EE8-73CDB9686BB8}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary"UDP Query User{EB18AA0B-8B90-47BC-A89B-B491FFA056DA}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary"TCP Query User{49A5BEA6-0A09-449E-8B94-E2D39D635B60}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary"UDP Query User{5B1333F9-5BE6-4177-98FB-38438E0EC21C}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary"TCP Query User{D59DF46F-D255-4A7C-8851-6C19AB1AE766}c:\\instalacje\\gry\\call\\cod2mp_s.exe"= UDP:c:\instalacje\gry\call\cod2mp_s.exe:CoD2MP_s"UDP Query User{0CDF672A-4F13-457F-94EB-0AABAD61A826}c:\\instalacje\\gry\\call\\cod2mp_s.exe"= TCP:c:\instalacje\gry\call\cod2mp_s.exe:CoD2MP_s"TCP Query User{EF780E28-49FF-4F84-98C3-3264E672AD81}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox"UDP Query User{953D4CF9-8CEE-4674-8262-73A510307C36}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox"{525E6788-42D9-4264-8DD4-25714F7B24B7}"= UDP:c:\instalacje\Programy\JDownloader 0.5.859\JDownloader.exe:JDownloader"{DE9E0CF1-D232-417A-B58C-67B8119E6D23}"= TCP:c:\instalacje\Programy\JDownloader 0.5.859\JDownloader.exe:JDownloader"{48849A85-6195-4364-AF93-5A27A7D92564}"= UDP:c:\instalacje\Gry\prototipiusz\prototypef.exe:Prototype(TM)"{4D84C3F2-5DB2-4E8B-BE8F-B3D7CF9D3CFA}"= TCP:c:\instalacje\Gry\prototipiusz\prototypef.exe:Prototype(TM)"TCP Query User{C297BA70-4B89-4BD7-99B1-14E751D9776B}c:\\instalacje\\gry\\bf2\\bf2.exe"= UDP:c:\instalacje\gry\bf2\bf2.exe:BF2"UDP Query User{1AE1CF62-22A6-49DE-8F53-AE77166E350E}c:\\instalacje\\gry\\bf2\\bf2.exe"= TCP:c:\instalacje\gry\bf2\bf2.exe:BF2"{DAA3F5ED-E913-4067-B459-13EA9761CF13}"= UDP:c:\instalacje\Gry\bf2143\BF2142.exe:Battlefield 2"{62391C31-AF04-4C98-8D5F-3C70FF40B5E4}"= TCP:c:\instalacje\Gry\bf2143\BF2142.exe:Battlefield 2"{26F50031-1B06-4552-9391-09653C49925A}"= c:\program files\Skype\Phone\Skype.exe:Skype"{9EAA2DF2-94B5-47D4-84AB-1842D3AAF880}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype.exe"{796D1E51-7359-496F-9577-197D6B70D497}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype.exe"{13EB6B47-2ECB-4139-A958-CD7FAD222887}"= UDP:c:\instalacje\Gry\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game"{2A5BBCFE-8EBF-460F-9102-B563EA041BA8}"= TCP:c:\instalacje\Gry\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game"{9AD24DD3-3660-46C4-A2C0-92039C14D65E}"= UDP:c:\instalacje\Gry\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher"{2DC5EA09-62D1-4981-A958-E4D29426D7C0}"= TCP:c:\instalacje\Gry\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher"{3C4BE1F7-A10E-4D89-8894-22AB1FF4374C}"= UDP:c:\instalacje\Gry\fuel\FUEL.exe:FUEL"{066CA19D-3DB4-41BE-9072-9952BCE32554}"= TCP:c:\instalacje\Gry\fuel\FUEL.exe:FUEL[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]"c:\\Instalacje\\Programy\\FlashGet universal\\FlashGet.exe"= c:\instalacje\Programy\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"c:\\Instalacje\\Programy\\FlashGet universal\\LiveUpdate.exe"= c:\instalacje\Programy\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"c:\\Instalacje\\Programy\\FlashGet universal\\LiveUpdateEx.exe"= c:\instalacje\Programy\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateExR0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [2009-08-02 64160]R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-05-02 114768]R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe [2009-05-07 81920]R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [2009-05-16 176128]R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-05-02 20560]R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-05-02 51792]R2 DUMeterSvc;DU Meter Service;c:\instalacje\Programy\DU Meter\DUMeterSvc.exe [2009-05-04 1386008]R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-03 1029456]R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\System32\drivers\AtiHdmi.sys [2009-04-24 95544]R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [2009-04-08 54784]R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\k57nd60x.sys [2009-04-08 203264]R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [2009-04-08 133472]R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [2009-04-08 279488]R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\System32\drivers\tscomm.sys [2009-05-04 39976]S3 ultradfg;ultradfg;c:\windows\System32\drivers\ultradfg.sys [2009-05-13 33792]S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [2009-06-16 91280]S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\System32\drivers\whmice2k.sys [2009-05-12 6885][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceNoNetwork	REG_MULTI_SZ	   PLA DPS BFE mpssvcbthsvcs	REG_MULTI_SZ	   BthServ[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP.Zawartość folderu 'Zaplanowane zadania'2009-08-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]..------- Skan uzupełniający -------.uStart Page = [url="about:blank"]about:blank[/url]IE: &Download All by FlashGet - c:\instalacje\Programy\FlashGet universal\ComDlls\Bhoall.htmIE: &Download by FlashGet - c:\instalacje\Programy\FlashGet universal\ComDlls\Bholink.htmIE: E&ksportuj do programu Microsoft Excel - c:\instal~1\Programy\office07\Office12\[url="http://EXCEL.EXE/3000"]EXCEL.EXE/3000[/url]IE: Wyślij do interfejsu &Bluetooth - c:\program files\X-Micro\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htmFF - ProfilePath - c:\users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\ogb1unj8.default\FF - prefs.js: browser.startup.homepage - google.plFF - component: [url="http://c:%5Cusers%5CPawe%C5%82%5CAppData%5CRoaming%5CMozilla%5CFirefox%5CProfiles%5Cogb1unj8.default%5Cextensions%5Csupport@lastpass.com"]c:\users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\ogb1unj8.default\extensions\support@lastpass.com[/url]\platform\WINNT_x86-msvc\components\lpxpcom.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\---- FIREFOX - SPOSÓB POSTĘPOWANIA ----c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",	  5120);c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",	 true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",	true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",	 true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",	   true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",	true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",				 true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",				true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",			   false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",			   true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",				 true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",				   true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",				true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",			 false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",			false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",	false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "[url="https://www.google.com/loc/json"]https://www.google.com/loc/json[/url]");.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]Rootkit scan 2009-08-02 01:25Windows 6.0.6002 Service Pack 2 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DUMeterSvc]"ImagePath"="c:\instalacje\Programy\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService".--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------[HKEY_USERS\S-1-5-21-2459798520-3030190099-2410439410-1000\Software\SecuROM\License information*]@Allowed: (Read) (RestrictedCode)"datasecu"=hex:5b,f0,5c,a8,d1,9c,3b,46,52,e0,05,64,b8,c1,1c,3f,5e,1c,f3,dc,52,   77,8d,ee,fa,4d,37,3b,8d,f3,dc,7f,db,26,e9,22,ce,45,54,b2,b6,67,2a,5e,e6,4e,\"rkeysecu"=hex:40,10,4d,3e,60,4d,fd,37,94,89,f7,79,83,e5,ac,3d.Czas ukończenia: 2009-08-01  1:27ComboFix-quarantined-files.txt  2009-08-01 23:26Przed: 92 553 592 832 bajtów wolnychPo: 92 625 797 120 bajtów wolnych331	--- E O F ---	2009-08-01 10:07

 

Żaden z programów nie wykrył infekcji.

[ULLISSES]

Mylisz się. ComboFix usunął plik robaczka.

Daj log z HijackThis - może wybierzemy coś jeszcze do skasowania.

[faro666]

hijackthis

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:24:20, on 2009-08-02

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Instalacje\Programy\DU Meter\DUMeter.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Instalacje\Programy\FlashGet universal\ComDlls\bhoCATCH.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKCU\..\Run: [DU Meter] C:\Instalacje\Programy\DU Meter\DUMeter.exe

O4 - Startup: quickset.exe — skrót.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Download All by FlashGet - C:\Instalacje\Programy\FlashGet universal\ComDlls\Bhoall.htm

O8 - Extra context menu item: &Download by FlashGet - C:\Instalacje\Programy\FlashGet universal\ComDlls\Bholink.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\INSTAL~1\Programy\office07\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - C:\Program Files\X-Micro\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\INSTAL~1\Programy\office07\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Instalacje\Programy\DU Meter\DUMeterSvc.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

 

--

End of file - 5549 bytes

 

 

nadal komp muli, możliwe że to przez karte sieciową w laptopie?? (że tak obciąża procesor?)

[ULLISSES]

Eh, znów Vista.

Czy mulenie nie pojawia się przypadkiem przy włączonych programach do pobierania? (Kazaa, Azureus)?

 

Jest jeszcze opcja, że jest coś nie tak ze sterownikiem lub kablem/gniazdkiem.

[faro666]

Eh, znów Vista.

Czy mulenie nie pojawia się przypadkiem przy włączonych programach do pobierania? (Kazaa, Azureus)?

 

Jest jeszcze opcja, że jest coś nie tak ze sterownikiem lub kablem/gniazdkiem.

Nie używam żadnego p2p jedynie JDownloadera. Mulenie jest po prostu jak się wsadzi kabel, wyciągam problem znika, ok dziś znowu wracam do bezprzewodowego neta i zobacze czy problem się powtórzy.

[ULLISSES]

A JDownloader wtedy działa??

Nazwa sugeruje oparcie go o język Java, który może zmulać kompa. Wyłącz wszystkie aplikacje (uruchomione na Twoim koncie - poza Explorer.exe) przy pomocy menedżera zadań i wtedy podłącz kabel.

[faro666]

A JDownloader wtedy działa??

Nazwa sugeruje oparcie go o język Java, który może zmulać kompa. Wyłącz wszystkie aplikacje (uruchomione na Twoim koncie - poza Explorer.exe) przy pomocy menedżera zadań i wtedy podłącz kabel.

znowu korzystam bezprzewodowo z neta i jest lux, system nie zużywa za dużo procka, czyli winowajcą była sieciówka w lapku, z drugiej strony jak mi sie zachce podpiąć kabelek to bede musiał sie liczyc z obniżeniem wydajnosci kompa <_<

 

EDIT:

Nie działa wtedy JD

Edytowane 2 Sierpnia 2009 przez faro666

[Kolobos]

Zamknij porty przy pomocy wwdc.exe, jakis firewall np. ten z Comdo IS tez nie zaszkodzi.

[toman]

prędzej sterownik karty a niżeli sama karta powoduje spowolnienie.

[ULLISSES]

Spróbuj zmienić sterowniki sieciówki. Uruchom jakiegoś Linuxa live-cd. Jeśli na nim sytuacja się powtórzy, to sprzęt nadaje się do serwisu.

Wcześniej jednak sprawdź jeszcze inny kabel i inny port w routerze (czy co tam masz).

[faro666]

hahahahah okazało się że to zintegrowana karta sieciowa obciąża procesor (tzn na innych forach spotkałem się ze stwierdzeniem że to raczej norma) sprawa rozwiązana temat do zamknięcia

pozdro