Logs - Increased ping in games


  • Closed: this topic is closed
1 reply in this topic

#1 Lich-koś

Lich-koś

    Who doesn't like chocolate rain?

  • 126 posts

Posted 10 10 2010 - 16:29

So, for about 2 days now my computer has been showing a load on the internet connection. I share the connection with my brother, and he usually doesn't watch videos. Sometimes my brother isn't even home, and I still have a ping of about 200 ms. I think it's the fault of either viruses or the antivirus. For now I'm pasting the logs and asking for help.

ComboFix 10-10-09.06 - admin 2010-10-10 16:50:38.1.2 - x86
Uruchomiony z: e:\kuba\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\admin\Dane aplikacji\.#
c:\documents and settings\admin\Dane aplikacji\addons.dat
c:\documents and settings\admin\Dane aplikacji\chrtmp
c:\documents and settings\All Users\Dane aplikacji\hpeF0.dll
C:\ErrLog.txt
c:\windows\system32\Thumbs.db
E:\install.exe

.
((((((((((((((((((((((((( Pliki utworzone od 2010-09-10 do 2010-10-10 )))))))))))))))))))))))))))))))
.

2010-10-08 19:23 . 2010-10-08 19:23 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Avira
2010-10-08 19:22 . 2010-10-08 20:11 -------- d-----w- c:\windows\system32\NtmsData
2010-10-08 19:13 . 2010-03-01 08:06 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-08 19:13 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-08 19:13 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-10-08 19:13 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-10-08 19:13 . 2010-10-08 19:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira
2010-10-07 13:49 . 2010-10-07 13:49 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-02 22:19 . 2010-10-08 11:58 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\RayV
2010-10-02 22:19 . 2010-10-02 22:19 -------- d-----w- c:\program files\RayV
2010-10-02 22:05 . 2010-10-04 18:30 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\Ventrilo
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-21 16:56 . 2010-09-21 16:56 -------- d-----w- c:\documents and settings\admin\Dane aplikacji\AIMP
2010-09-20 18:56 . 2010-09-20 18:56 -------- d-sh--w- c:\documents and settings\All Users\Dane aplikacji\SecuROM
2010-09-14 11:44 . 2010-09-14 11:44 -------- d-----w- c:\program files\Common Files\Java
2010-09-14 11:44 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-14 11:44 . 2010-07-17 03:00 423656 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 17:59 . 2009-12-28 13:14 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"DAEMON Tools Lite"="e:\kuba\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Cracked Steam Service"="e:\kuba\Cracked Steam\SupportSoftware\cs_service.exe" [2009-11-24 292304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-15 208896]
"CTCheck"="e:\kuba\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"Ask and Record FLV Service"="c:\program files\Replay Media Catcher\FLVSrvc.exe" [2009-09-22 156672]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-17 19520544]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avgnt"="e:\kuba\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Kuba\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\Kuba\\World of Warcraft\\Launcher.exe"=
"e:\\Kuba\\BitComet\\BitComet.exe"=
"e:\\Kuba\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Kuba\\League of Legends\\Air\\LolClient.exe"=
"e:\\Kuba\\League of Legends\\Game\\League of Legends.exe"=
"e:\\Kuba\\Cracked Steam\\steamapps\\common\\peggle extreme\\PeggleExtreme.exe"=
"e:\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:War3
"13287:TCP"= 13287:TCP:BitComet 13287 TCP
"13287:UDP"= 13287:UDP:BitComet 13287 UDP
"57613:TCP"= 57613:TCP:Pando Media Booster
"57613:UDP"= 57613:UDP:Pando Media Booster
"8378:TCP"= 8378:TCP:League of Legends Launcher
"8378:UDP"= 8378:UDP:League of Legends Launcher
"8379:TCP"= 8379:TCP:League of Legends Launcher
"8379:UDP"= 8379:UDP:League of Legends Launcher
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"6947:TCP"= 6947:TCP:League of Legends Launcher
"6947:UDP"= 6947:UDP:League of Legends Launcher

R2 AntiVirMailService;Avira AntiVir MailGuard;e:\kuba\Avira\AntiVir Desktop\avmailc.exe [2010-10-08 337064]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\kuba\Avira\AntiVir Desktop\sched.exe [2010-10-08 135336]
R2 AntiVirWebService;Avira AntiVir WebGuard;e:\kuba\Avira\AntiVir Desktop\avwebgrd.exe [2010-10-08 405672]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;e:\kuba\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 gupdate1ca6c1b1af9375c;Usługa Google Update (gupdate1ca6c1b1af9375c);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-23 133104]
S2 OMSI download service;Sony Ericsson OMSI download service;e:\kuba\Sony Ericsson PC Suite\SupServ.exe [2010-03-10 90112]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-03-29 1691480]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\admin\USTAWI~1\Temp\GPB6E.tmp --> c:\docume~1\admin\USTAWI~1\Temp\GPB6E.tmp [?]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-08-29 10664]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2010-03-10 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2010-03-10 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2010-03-10 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2010-03-10 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2010-03-10 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2010-03-10 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2010-03-10 115752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-10-01 691696]
.
Zawartość folderu 'Zaplanowane zadania'

2010-10-10 c:\windows\Tasks\GlaryInitialize.job
- e:\kuba\Glary Utilities\initialize.exe [2009-12-27 19:36]

2010-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-23 08:58]

2010-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-23 08:58]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.ask.com?o=14200&l=dis
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Pobierz wszystkie VIdeo za pomocą BitComet - e:\kuba\BitComet\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - e:\kuba\BitComet\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - e:\kuba\BitComet\BitComet.exe/AddLink.htm
LSP: e:\kuba\Avira\AntiVir Desktop\avsda.dll
TCP: {7344FEE1-791E-4EAA-8469-2AF4AB19BEDF} = 192.168.1.1,192.168.1.2
FF - ProfilePath - c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\6ggzkz7k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - component: c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\6ggzkz7k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.4.dll
FF - plugin: c:\documents and settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-RGSC - e:\kuba\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe
ActiveSetup-{9D71D88C-C598-4935-C5D1-43AA4DB90836} - c:\program files\windll\seva.exe
AddRemove-ComicMaker3 - e:\kuba\!imp\TIfA the LIMIT - FINAL HEAVEN\TIA the LIMIT - FINAL HEAVEN\epuninst.exe



[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\admin\USTAWI~1\Temp\GPB6E.tmp"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-682003330-773345612-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b2,af,7d,e7,4e,71,4d,67,37,07,9a,27,50,81,a3,39,17,a3,34,1f,d5,f3,d8,
71,07,5d,3b,34,82,4e,40,d2,53,fa,57,6a,a5,c4,7e,11,72,43,76,1b,5a,a0,af,39,\
"??"=hex:e6,7a,30,6a,9c,99,59,a2,1a,ea,43,8d,a0,bf,cb,21

[HKEY_USERS\S-1-5-21-527237240-682003330-773345612-1004\Software\SecuROM\License information*]
"datasecu"=hex:36,1b,7a,e7,f8,c1,5a,70,86,de,5c,2c,02,6c,eb,54,fe,b3,12,7d,18,
ed,d0,70,58,f3,85,03,d3,fd,2d,04,32,25,3e,d4,1b,bb,3b,cc,b5,c3,93,cf,72,9d,\
"rkeysecu"=hex:da,ca,75,f0,3a,98,7b,d1,00,52,71,c3,ed,7d,58,14
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(896)
e:\kuba\Avira\AntiVir Desktop\avsda.dll
.
Czas ukończenia: 2010-10-10 16:54:52
ComboFix-quarantined-files.txt 2010-10-10 14:54

Przed: 23 531 638 784 bajtów wolnych
Po: 23 767 212 032 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - B1A64395534C883A222C1FB89EA4D2F7


#2 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 10 10 2010 - 17:47

Apart from what ComboFix has already removed, nothing harmful is visible in the log.
