So, I reinstalled the system and have now noticed that the page file is 98% used; before it was at only 35%. Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:54, on 2007-12-02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AlienGUIse\wbload.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
E:\PROGRA~1\Grisoft\AVG7\avgemc.exe
E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
E:\Program Files\cFosSpeed\spd.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\TBPanel.exe
E:\Program Files\cFosSpeed\cFosSpeed.exe
E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
E:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
E:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
E:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
E:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
E:\progra~1\mozill~1\firefox.exe
E:\Program Files\WapSter\AQQ\AQQ.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - E:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [Gainward] E:\WINDOWS\TBPanel.exe /A
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM…\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [cFosSpeed] E:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM…\Run: [system32] E:\WINDOWS\system32\system32.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19…\Run: [AVG7_Run] E:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Alienware Dock.lnk = E:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = E:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: Ściągnij przez IDM - E:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - E:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: @btrez.dll ,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll ,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip…{CBDDF233-B5C0-4F4A-9B76-5BBE250D9BDB}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - E:\Program Files\cFosSpeed\spd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 5029 bytes
I fixed that entry. Log:
ComboFix 07-12-02.5 - Daniel 2007-12-02 19:22:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.675 [GMT 1:00]
Running from: E:\Documents and Settings\Daniel\Moje dokumenty\Downloads\Programs\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\Program Files\myglobalsearch
E:\Program Files\myglobalsearch\bar\History\search
.
((((((((((((((((((((((((( Files Created from 2007-11-02 to 2007-12-02 )))))))))))))))))))))))))))))))
.
2007-12-01 19:59 . 2007-12-01 19:59 61 --a------ E:\WINDOWS\wininit.ini
2007-12-01 19:55 . 2007-12-01 19:59
2007-12-01 18:36 . 2007-12-01 18:36
2007-12-01 18:36 . 2002-11-25 15:57 811,008 --a------ E:\WINDOWS\AquaReal.scr
2007-12-01 18:36 . 2002-11-15 17:56 131,072 --a------ E:\WINDOWS\SNVerifyDLL.dll
2007-12-01 17:56 . 2007-12-02 19:17
2007-12-01 17:56 . 2007-03-13 17:30 649,432 -ra------ E:\WINDOWS\system32\drivers\cfosspeed.sys
2007-12-01 17:56 . 2007-03-13 17:30 281,816 --a------ E:\WINDOWS\system32\cfosspeed.dll
2007-12-01 16:39 . 2007-12-01 16:39
2007-12-01 15:39 . 2007-12-01 17:01 340,017 --a------ E:\WINDOWS\system32\drivers\fwdrv.err
2007-12-01 15:17 . 2006-10-04 15:06 1,197,294 -----c--- E:\WINDOWS\system32\dllcache\sysmain.sdb
2007-12-01 15:17 . 2006-10-04 15:06 764,868 -----c--- E:\WINDOWS\system32\dllcache\apph_sp.sdb
2007-12-01 15:17 . 2006-10-04 15:06 217,118 -----c--- E:\WINDOWS\system32\dllcache\apphelp.sdb
2007-12-01 15:16 . 2007-12-01 15:16
2007-12-01 15:14 . 2007-12-01 15:14
2007-12-01 15:14 . 2007-12-01 15:15
2007-12-01 15:09 . 2004-08-04 00:38 14,848 --a------ E:\WINDOWS\system32\drivers\kbdhid.sys
2007-12-01 15:09 . 2004-08-04 00:38 14,848 --a--c--- E:\WINDOWS\system32\dllcache\kbdhid.sys
2007-12-01 15:09 . 2001-10-26 16:57 12,160 --a------ E:\WINDOWS\system32\drivers\mouhid.sys
2007-12-01 15:09 . 2001-10-26 16:57 12,160 --a--c--- E:\WINDOWS\system32\dllcache\mouhid.sys
2007-11-30 22:49 . 2007-11-30 22:49
2007-11-30 22:47 . 2004-08-03 23:08 36,224 --a------ E:\WINDOWS\system32\drivers\hidclass.sys
2007-11-30 22:47 . 2004-08-03 23:08 36,224 --a--c--- E:\WINDOWS\system32\dllcache\hidclass.sys
2007-11-30 22:47 . 2004-08-03 23:08 24,960 --a------ E:\WINDOWS\system32\drivers\hidparse.sys
2007-11-30 22:47 . 2004-08-03 23:08 24,960 --a--c--- E:\WINDOWS\system32\dllcache\hidparse.sys
2007-11-30 22:47 . 2001-08-17 22:02 9,600 --a------ E:\WINDOWS\system32\drivers\hidusb.sys
2007-11-30 22:47 . 2001-08-17 22:02 9,600 --a--c--- E:\WINDOWS\system32\dllcache\hidusb.sys
2007-11-30 22:27 . 2007-11-30 22:27
2007-11-30 20:09 . 2007-11-30 20:09
2007-11-30 18:03 . 2007-11-30 18:03 14,468 --a------ E:\lista.fpl
2007-11-29 20:34 . 2007-11-29 20:34
2007-11-29 20:25 . 2007-11-29 20:25
2007-11-28 22:05 . 2007-12-01 20:29
2007-11-28 21:02 . 2007-11-28 21:02
2007-11-28 21:02 . 2007-11-28 21:09
2007-11-28 21:00 . 2007-11-28 21:00
2007-11-28 19:40 . 2007-11-28 19:40
2007-11-28 19:40 . 2006-06-20 10:04 4,239,360 --a------ E:\WINDOWS\system32\qtp-mt334.dll
2007-11-28 19:40 . 2006-06-20 10:04 232,960 --a------ E:\WINDOWS\system32\prgiso.dll
2007-11-28 19:40 . 2006-06-20 10:04 30,820 --a------ E:\WINDOWS\system32\drivers\hotcore.sys
2007-11-28 19:40 . 2006-06-20 10:04 8,192 --a------ E:\WINDOWS\system32\wnaspi32.dll
2007-11-28 19:13 . 2007-11-28 19:58
2007-11-28 18:34 . 2007-11-28 18:34
2007-11-28 18:34 . 2007-12-02 17:00
2007-11-28 18:26 . 2007-11-28 19:09
2007-11-28 18:26 . 2006-12-19 16:53 24,072 --a------ E:\WINDOWS\system32\uxtuneup.dll
2007-11-28 18:25 . 2007-11-28 18:25
2007-11-28 18:25 . 2007-11-28 18:25
2007-11-28 18:05 . 2007-12-01 19:53
2007-11-28 17:53 . 2007-11-28 17:53
2007-11-27 22:59 . 2007-11-27 22:59
2007-11-27 22:59 . 2007-11-27 22:59
2007-11-27 22:58 . 2007-11-27 22:58
2007-11-27 22:56 . 2007-11-27 22:56
2007-11-27 22:36 . 2007-11-27 22:36
2007-11-27 22:36 . 2007-11-27 22:36
2007-11-27 22:27 . 2007-11-29 19:29
2007-11-27 22:27 . 2007-11-30 22:25
2007-11-27 22:27 . 2007-12-02 19:19
2007-11-27 22:24 . 2007-11-27 22:24
2007-11-27 22:17 . 2007-11-27 22:17 3,932,214 --a------ E:\WINDOWS\AW_XenoMorph1280.bmp
2007-11-27 21:49 . 2007-11-27 21:49 2,359,350 --a------ E:\WINDOWS\AW_XenoMorph1024.bmp
2007-11-27 21:46 . 2007-11-27 21:46
2007-11-27 21:46 . 2007-11-27 21:54
2007-11-27 21:46 . 2003-02-26 22:27 36,864 --a------ E:\WINDOWS\system32\wbsys.dll
2007-11-27 21:46 . 2007-11-27 21:46 56 --a------ E:\WINDOWS\wb.ini
2007-11-27 21:44 . 2007-11-27 21:44
2007-11-27 21:44 . 2007-12-02 14:53
2007-11-27 21:44 . 2007-11-27 21:44 499,712 --a------ E:\WINDOWS\system32\msvcp71.dll
2007-11-27 21:44 . 2007-11-27 21:44 348,160 --a------ E:\WINDOWS\system32\msvcr71.dll
2007-11-27 21:43 . 2007-11-27 21:43
2007-11-27 21:43 . 2007-11-27 22:04
2007-11-27 21:24 . 2007-11-27 21:24
2007-11-27 21:23 . 2007-11-30 22:27
2007-11-27 21:18 . 2007-11-27 21:24 316,640 --a------ E:\WINDOWS\WMSysPr9.prx
2007-11-27 21:18 . 2004-08-04 00:44 221,184 --a------ E:\WINDOWS\system32\wmpns.dll
2007-11-27 21:15 . 2007-11-27 21:15
2007-11-27 21:13 . 2006-09-25 17:58 23,856 --a------ E:\WINDOWS\system32\spupdsvc.exe
2007-11-27 21:13 . 2004-07-17 11:40 19,528 --a------ E:\WINDOWS\002361_.tmp
2007-11-27 21:11 . 2007-11-27 21:16
2007-11-27 18:34 . 2007-11-27 18:36
2007-11-27 18:34 . 2007-11-27 18:34
2007-11-27 18:06 . 2007-11-27 18:06 51,232 --a------ E:\Program Files\wwdc.exe
2007-11-27 18:02 . 2007-11-27 18:02 1,156 --a------ E:\WINDOWS\mozver.dat
2007-11-27 18:00 . 2007-11-27 18:00 0 --a------ E:\WINDOWS\nsreg.dat
2007-11-27 17:49 . 2007-11-27 17:49
2007-11-27 17:49 . 2007-11-27 17:49
2007-11-27 17:49 . 2007-11-27 17:49
2007-11-27 17:49 . 2007-11-27 17:49
2007-11-27 17:47 . 2007-11-27 17:50
2007-11-27 17:47 . 2006-08-11 14:42 208,896 --a------ E:\WINDOWS\system32\nvudisp.exe
2007-11-27 17:47 . 2007-12-02 19:15 81,236 --a------ E:\WINDOWS\system32\nvapps.xml
2007-11-27 17:47 . 2006-08-11 14:42 16,960 --a------ E:\WINDOWS\system32\nvdisp.nvu
2007-11-27 17:44 . 2007-11-27 17:44
2007-11-27 17:44 . 2007-11-27 17:44
2007-11-27 17:44 . 2002-07-12 06:17 655,596 --a------ E:\WINDOWS\system32\drivers\ALCXWDM.SYS
2007-11-27 17:44 . 2002-07-12 06:17 629,248 --a------ E:\WINDOWS\system32\ALSNDMGR.CPL
2007-11-27 17:44 . 2002-07-12 06:17 208,896 --------- E:\WINDOWS\alcupd.exe
2007-11-27 17:44 . 2004-08-03 23:15 145,792 --a------ E:\WINDOWS\system32\drivers\portcls.sys
2007-11-27 17:44 . 2004-08-03 23:15 145,792 --a--c--- E:\WINDOWS\system32\dllcache\portcls.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-01 17:36 --------- d--h--w E:\Program Files\InstallShield Installation Information
2007-11-27 17:20 --------- d-----w E:\Program Files\SAGEM
2007-11-27 17:18 --------- d-----w E:\Program Files\Neostrada TP
2007-11-27 16:46 --------- d-----w E:\Program Files\Common Files\InstallShield
2007-11-23 16:41 --------- d-----w E:\Program Files\FreshDevices
2007-11-23 16:10 --------- d-----w E:\Program Files\Ashampoo
2007-11-23 16:04 --------- d-----w E:\Program Files\TweakNow PowerPack 2006
2007-11-23 16:04 --------- d-----w E:\Documents and Settings\Daniel\Dane aplikacji\TweakNow PowerPack
2007-11-23 15:50 23 ----a-w E:\WINDOWS\system32\drivers\adidsl.cfg
2007-11-23 15:44 --------- d-----w E:\Program Files\microsoft frontpage
2007-11-23 15:40 --------- d-----w E:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-07-12 06:17 E:\WINDOWS\SOUNDMAN.EXE]
"Gainward"="E:\WINDOWS\TBPanel.exe" [2006-09-14 10:51]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:44 E:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="E:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-11-27 21:43]
"NvMediaCenter"="RunDLL32.exe" [2004-08-04 00:44 E:\WINDOWS\system32\rundll32.exe]
"cFosSpeed"="E:\Program Files\cFosSpeed\cFosSpeed.exe" [2007-03-13 17:30]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="E:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:44]
"AVG7_Run"="E:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-27 21:43]

E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-09 01:16:54]
DSLMON.lnk - E:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-11-23 16:50:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"= 1 (0x1)
"MaxRecentDocs"= 11 (0xb)
"NoStartMenuMFUprogramsList"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
E:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 E:\Program Files\AlienGUIse\fastload.dll

R0 hotcore;hotcore;E:\WINDOWS\system32\drivers\hotcore.sys
R1 fwdrv;Firewall Driver;E:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;E:\WINDOWS\system32\drivers\khips.sys
R1 VIAPFD;VIAPFD;E:\WINDOWS\system32\Drivers\VIAPFD.SYS
R2 SPF4;Sunbelt Personal Firewall 4;"E:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"
R2 UxTuneUp;TuneUp Design Expansion;E:\WINDOWS\System32\svchost.exe -k netsvcs
S3 FreshIO;FreshIO;??\E:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-11-28 17:26:16 E:\WINDOWS\Tasks\1-Click Maintenance.job"
- E:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 19:26:48
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-02 19:28:21
.
--- E O F ---
It should be, but it isn't :/ I have already set the page file to other values, on other partitions, and tried without a page file (I mean, I know there is still 2MB anyway), and still, when I set 1534MB on the FAT32 partition for my 1GB of RAM, it shows that the page file is 98% used. Even clearing the page file at shutdown does nothing :/ There is no fragmentation because I have it set to a fixed size. However, Task Manager shows page file usage at 382MB, and I think that should be OK, but the program shows 98%.
Gutek
(Gutek)
3 December 2007 16:41
#6