Dość duże przymulenie komputera


(Akira3179082) #1

Od kilku dni mój komputer jest dość mocno przymulony. Gdy działa emule nawet foobar się tnie. Mam ponad 30 połączeń z netem z czego około 20 z ashwebsv.exe a nie korzystam w tym momencie z internetu zbyt intensywnie. Poniżej log HJT:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:16:57, on 2007-11-10

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\ZoneLabs\vsmon.exe

D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

D:\Program Files\Alwil Software\Avast4\ashServ.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\Mixer.exe

D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

D:\Program Files\cFosSpeed\cFosSpeed.exe

D:\Program Files\Google\Gmail Notifier\gnotify.exe

D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

D:\Program Files\DialNet\winpppoverethernet.exe

D:\Program Files\Konnekt\konnekt.exe

D:\Program Files\WhatPulse\WhatPulse.exe

D:\Program Files\Xfire\xfire.exe

D:\Program Files\cFosSpeed\spd.exe

D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

D:\Program Files\NetLimiter 2 Pro\nlsvc.exe

D:\WINDOWS\system32\PnkBstrA.exe

D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

D:\Program Files\DialNet\WrOS.EXE

D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

D:\Program Files\NetLimiter 2 Pro\NLClient.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\foobar2000\foobar2000.exe

D:\Program Files\Mozilla Firefox\firefox.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.spolszczenia.pl.prv.pl

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [cFosSpeed] D:\Program Files\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Program Files\Google\Gmail Notifier\gnotify.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [a-winpoet-service] "D:\Program Files\DialNet\winpppoverethernet.exe"

O4 - HKLM\..\Run: [] "D:\PROGRA~1\DialNet\FPLICE~1.EXE zhimakaimen//WINPOET_QUITTING_EVENT"

O4 - HKLM\..\Run: [z-wrdialer] "D:\Program Files\DialNet\wrdialer.exe"

O4 - HKLM\..\Run: [No-IP Client 1.42] D:\Program Files\No-IP Client\noipclient.exe

O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [EPSON Stylus C45 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

O4 - HKCU\..\Run: [Konnekt] "D:\Program Files\Konnekt\konnekt.exe" /autostart

O4 - HKCU\..\Run: [z-WrDialer] D:\Program Files\DialNet\WrDialer.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Documents and Settings\Akira.AKIRA-DOM\Pulpit\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [WhatPulse] D:\Program Files\WhatPulse\WhatPulse.exe

O4 - HKCU\..\Run: [Spol] http://www.toya.net.pl/~spol/site/index.htm

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe

O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - D:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - D:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download with Rapget - D:\Documents and Settings\Akira.AKIRA-DOM\Pulpit\RapGet\rapget.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{51D83F7C-7B55-4246-87BF-56BDBA93B330}: NameServer = 217.30.129.149 217.30.137.200

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - D:\Program Files\cFosSpeed\spd.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: MSCSPTISRV - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - D:\Program Files\NetLimiter 2 Pro\nlsvc.exe

O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PACSPTISVR - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - D:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Qbik WinGate Engine (WinGateEngine) - Unknown owner - D:\Program Files\WinGate\WinGate.exe (file missing)

O23 - Service: WinPPPoverEthernet - Fine Point Technologies, Inc. - D:\Program Files\DialNet\WrOS.EXE


--

End of file - 8288 bytes

Dzięki z góry za pomoc


(Pan Ziombl) #2

ashwebsv.exe sprawdza czy sa dostepne aktualizacje avasta, chyba masz 2 dialery ale niech inni sprawdza