czeste, kilkunastosekundowe zerwania polaczenia z internetem

**Posty:** 11 · przez **ckhontee** 21 Maj 2007, 09:12

witam wszystkich,

mam nastepujacy problem: polaczenie z internetem zrywa mi sie na kilka, kilkanascie, a czasem i kiladziesiat sekund (nie otwieraja sie strony, zatrzymuje sie sciaganie, wyrzuca mnie z pokojow online). niedawno dzialo sie to sporadycznie (raz dziennie), ale potem coraz czesciej i w tej chwili takie przerwania zdarzaja sie przynajmniej raz na minute.

podejrzewam, ze to wirus, mysle ze moze jakis rootkit, bo nie wykrywa go moj antywirus (AVG free edition), ani scan ewido.

ponizej wrzucam logi z hijack i rootkit revealer (zmienilem nazwe pliku przed odpaleniem). niestety nie moge wrzucic logow z silent runners (nie dziala mi obsluga skryptow) ani z gmer (w trakcie szukania robi sie reset kompa, za kazdym razem w tym samym miejscu).

bede bardzo wdzieczny za pomoc

log z Rootkit Revealer:

HKLM\S-1-5-21-823518204-308236825-839522115-500\RemoteAccess\InternetProfile 2006-06-14 13:38 9 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 2007-05-20 19:22 0 bytes Hidden from Windows API.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\84q6vt39.default\Cache\1508F8C5d01 2007-05-20 19:41 49.64 KB Hidden from Windows API.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\84q6vt39.default\Cache\3594F9F1d01 2007-05-20 19:41 106.93 KB Hidden from Windows API.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\84q6vt39.default\Cache\736EC411d01 2007-05-20 19:41 170.20 KB Hidden from Windows API.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\84q6vt39.default\Cache\C454171Dd01 2007-05-20 19:41 32.13 KB Hidden from Windows API.

log z hijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 08:38:43, on 2007-05-21
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\programy\AVG\avgamsvr.exe
D:\programy\AVG\avgupsvc.exe
C:\WINNT\System32\svchost.exe
D:\programy\ewido anti-spyware 4.0\guard.exe
D:\programy\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\nvsvc32.exe
D:\programy\Kerio\Personal Firewall 4\kpf4gui.exe
D:\programy\Sandboxie\SandboxieServer.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\slserv.exe
d:\programy\TRAYMA~1\ntstart.exe
d:\programy\TRAYMA~1\trayman.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
D:\programy\Kerio\Personal Firewall 4\kpf4gui.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINNT\system32\RUNDLL32.EXE
D:\programy\AVG\avgcc.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\programy\SlickRun\sr.exe
D:\programy\Virtual Dimension\VirtualDimension.exe
C:\Program Files\iISystem Wiper\SystemWiper.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\KatMouse\KatMouse.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
D:\programy\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] D:\programy\AVG\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SlickRun] "D:\programy\SlickRun\sr.exe"
O4 - HKCU\..\Run: [Virtual Dimension] D:\programy\Virtual Dimension\VirtualDimension.exe
O4 - HKCU\..\Run: [iIWiper] C:\Program Files\iISystem Wiper\SystemWiper.exe m
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Startup: KatMouse.lnk = C:\Program Files\KatMouse\KatMouse.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\studia\3rok\VISUAL~1\Excel\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\programy\PartyPoker\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\programy\PartyPoker\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DDD5E76-B680-47D9-80BB-DA8B36BCE300}: NameServer = 217.30.129.149,217.30.137.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DDD5E76-B680-47D9-80BB-DA8B36BCE300}: NameServer = 217.30.129.149,217.30.137.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{0DDD5E76-B680-47D9-80BB-DA8B36BCE300}: NameServer = 217.30.129.149,217.30.137.200
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\programy\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\programy\AVG\avgupsvc.exe
O23 - Service: Visual Studio Debugger Proxy Service (DbgProxy) - Unknown owner - D:\programy\Visual Studio\Common7\Packages\Debugger\dbgproxy.exe (file missing)
O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\programy\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\programy\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.1 (pgsql-8.1) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.1\bin\pg_ctl.exe
O23 - Service: Sandboxie Service (SandboxU) - tzuk - D:\programy\Sandboxie\SandboxieServer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe
O23 - Service: TrayMan - Unknown owner - d:\programy\TRAYMA~1\ntstart.exe

**Posty:** 18165 · przez **wojtas** 21 Maj 2007, 16:12

skasuj:

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Użyj WWDC :
http://www.firewallleaktester.com/wwdc.htm
Zmień opcje z disable na enable. Uruchom ponownie komputer.
Tak powinny wyglądać porty (NetBIOS może być żółty) :
http://www.firewallleaktester.com/images_site/wwdc.jpg

oraz daj loga:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

grywasz w pokera ??

O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\programy\PartyPoker\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\programy\PartyPoker\PartyPoker\RunApp.exe

**Posty:** 11 · przez **ckhontee** 21 Maj 2007, 17:23

tak, grywam w pokera

. mam 4 programy: party poker, cd poker, expekt poker i betfair.

co do reszty - wszystko zrobione wedlug instrukcji. w wwdc teraz juz tylko netbios jest na zolto, reszta na zielono.

log z combofix:

"Administrator" - 2007-05-21 16:52:19 Service Pack 4
ComboFix 07-05.21.6.V - Running from: "E:\Instalki\Tools\AntyVir\"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINNT\tool1.exe
C:\WINNT\tool2.exe
C:\WINNT\tool3.exe
C:\WINNT\tool4.exe
C:\WINNT\tool5.exe
C:\install.log
C:\WINNT\hosts

((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-21 ))))))))))))))))))))))))))))))))))

2007-05-21 16:47 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_430.dat
2007-05-20 18:15 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_3cc.dat
2007-05-15 13:06 26,944 --a------ C:\WINNT\system32\drivers\avg7rsnt.sys
2007-05-11 21:14 <DIR> d-------- C:\Program Files\Media Player Classic
2007-05-11 21:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
2007-05-11 21:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Real
2007-05-11 20:41 765,952 --a------ C:\WINNT\system32\xvidcore.dll
2007-05-11 20:41 73,728 --a------ C:\WINNT\system32\dpl100.dll
2007-05-11 20:41 3,596,288 --a------ C:\WINNT\system32\qt-dx331.dll
2007-05-11 20:41 217,088 --a------ C:\WINNT\system32\yv12vfw.dll
2007-05-11 20:41 200,704 --a------ C:\WINNT\system32\ssldivx.dll
2007-05-11 20:41 196,608 --a------ C:\WINNT\system32\dtu100.dll
2007-05-11 20:41 180,224 --a------ C:\WINNT\system32\xvidvfw.dll
2007-05-11 20:41 10,752 --a------ C:\WINNT\system32\ff_vfw.dll
2007-05-11 20:41 1,044,480 --a------ C:\WINNT\system32\libdivx.dll
2007-05-05 19:05 208,896 --a------ C:\WINNT\system32\NVUNINST.EXE
2007-05-05 19:05 208,896 --a------ C:\WINNT\system32\nvudisp.exe
2007-05-01 08:52 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-04-30 21:57 <DIR> d-------- C:\Poker
2007-04-30 20:39 <DIR> d---s---- C:\DOCUME~1\ADMINI~1\UserData

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-21 14:52:53 -------- d-----w C:\DOCUME~1\ADMINI~1\DANEAP~1\Skype
2007-05-21 14:48:12 -------- d-----w C:\DOCUME~1\ADMINI~1\DANEAP~1\OpenOffice.org2
2007-05-20 19:54:02 -------- d-----w C:\Program Files\Burn4Free
2007-05-15 09:14:30 14 ----a-w C:\WINNT\getfile.dat
2007-05-11 19:02:34 -------- d-----w C:\Program Files\Common Files\Real
2007-05-06 08:29:01 -------- d-----w C:\Program Files\Soulseek
2007-05-01 06:52:58 -------- d-----w C:\Program Files\Skype
2007-04-30 19:35:03 9,254 ----a-w C:\WINNT\mozver.dat
2007-04-25 07:34:08 -------- d-----w C:\Program Files\OpenOffice.org 2.0
2007-04-19 18:04:51 4 ----a-w C:\WINNT\bytespersecond.dat
2007-04-19 18:04:03 40 ----a-w C:\WINNT\ujf635.bin
2007-04-19 18:03:57 -------- d-----w C:\Program Files\Betfair
2007-04-19 18:03:57 -------- d-----w C:\DOCUME~1\ADMINI~1\DANEAP~1\Betfair
2007-04-15 09:02:52 -------- d-----w C:\Program Files\PartyGaming
2007-04-11 13:14:34 16,384 ----atw C:\WINNT\system32\Perflib_Perfdata_434.dat
2007-04-11 12:18:35 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-11 10:58:13 451,072 ----a-w C:\WINNT\Radeon Omega Drivers v3.8.330 Uninstall.exe
2007-04-11 10:58:13 -------- d-----w C:\Program Files\Radeon Omega Drivers
2007-03-03 21:39:06 10 ----a-w C:\WINNT\popcinfo.dat

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [07-03-14 03:43 ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe" [04-08-25 07:35 ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [07-03-14 03:43 ]
"NvCplDaemon"="C:\WINNT\system32\NvCpl.dll" [06-10-22 12:22 ]
"nwiz"="nwiz.exe" [06-10-22 12:22 C:\WINNT\system32\nwiz.exe]
"NvMediaCenter"="C:\WINNT\system32\NvMcTray.dll" [06-10-22 12:22 ]
"AVG7_CC"="D:\programy\AVG\avgcc.exe" [07-05-15 13:06 ]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [07-03-30 13:34 ]
"SlickRun"="D:\programy\SlickRun\sr.exe" [05-12-23 13:07 ]
"Virtual Dimension"="D:\programy\Virtual Dimension\VirtualDimension.exe" [05-07-09 11:22 ]
"iIWiper"="C:\Program Files\iISystem Wiper\SystemWiper.exe" [05-09-11 12:24 ]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [06-10-10 17:51 ]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"=internat.exe
"AVG7_Run"=D:\programy\AVG\avgw.exe /RUNONCE

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="D:\programy\ewido anti-spyware 4.0\shellexecutehook.dll" [06-06-16 15:38 ]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages kerberos msv1_0 schannel

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
wugroup wuauserv
BITSgroup BITS

*Newly Created Service* -PROCEXP90

Contents of the 'Scheduled Tasks' folder
2006-09-26 07:48:25 C:\WINNT\tasks\06. GHOSTWRITER.job
2006-12-19 18:58:50 C:\WINNT\tasks\A Tribe Called Quest - Find.job
2006-06-25 22:20:01 C:\WINNT\tasks\best.job
2006-04-11 21:21:09 C:\WINNT\tasks\better.job
2006-11-19 13:17:11 C:\WINNT\tasks\Das Efx - Baknaffek.job
2006-12-04 09:20:29 C:\WINNT\tasks\KC Da Rookee.job
2006-11-26 20:53:15 C:\WINNT\tasks\Kelis - Milkshake.job
2006-11-24 22:46:30 C:\WINNT\tasks\Method Man - Release Yo Delf.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-21 16:56:20
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Virtual Dimension = D:\programy\Virtual Dimension\VirtualDimension.exe??d?"?xZ?w(xn?G???)?*???@?????????p?`??????nn?@?????@???????????????????"??,?w??????????????????????????"??C?w?8qq??????????????????????"??D?w??????????????????????????????Y???????????"??S?w?nn????????????
iIWiper = C:\Program Files\iISystem Wiper\SystemWiper.exe m???dy???X2l????py??????????????6?-l ?2l???????????????????????????????????????????????????????????? ?2l??????????????B?Y???(z???I2l?????y????-l?????????$3l?y??????Y????????N4??????????P?w??^??????N4????????????

scanning hidden files ...

C:\WINNT\winamp.ini 4096 bytes
C:\WINNT\Windows Update.log 8192 bytes
C:\WINNT\winhelp.exe 258048 bytes
C:\WINNT\winhlp32.exe 274432 bytes
C:\WINNT\WININIT.INI 4096 bytes
C:\WINNT\winnt.bmp 24576 bytes
C:\WINNT\winnt256.bmp 49152 bytes
C:\WINNT\winrep.exe 196608 bytes
C:\WINNT\WINSTART.BAT 24 bytes
C:\WINNT\wmsetup.log 28672 bytes
C:\WINNT\WMSysPr9.prx 319488 bytes
C:\WINNT\WORDPAD.INI 4096 bytes
C:\WINNT\xfoptions.ini 64 bytes
C:\WINNT\XLMSoft.ini 392 bytes
C:\WINNT\x_dtrace_log 4096 bytes
C:\WINNT\YDPDICT.INI 4096 bytes
C:\WINNT\_default.pif 4096 bytes
C:\WINNT\` 232 bytes
C:\WINNT\~TempMui.inf 8192 bytes
C:\WINNT\ř 0 bytes
C:\WINNT\C:\WINNT\C:\WINNT\C:\WINNT\
scan completed successfully
hidden files: 24

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pgsql-8.1]
"ImagePath"="C:\Program Files\PostgreSQL\8.1\bin\pg_ctl.exe runservice -N \"pgsql-8.1\" -D \"C:\Program Files\PostgreSQL\8.1\data\\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\SERVICES\ATI2MTAG]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\SERVICES\ATI2MTAG]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\SERVICES\NV]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nv]
"ImagePath"="system32\DRIVERS\nv4_mini.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\SERVICES\VGASAVE]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\SERVICES\ATI2MTAG]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Hardware Profiles\0001\System\ControlSet001\Services\ati2mtag]

Completion time: 2007-05-21 16:56:49
C:\ComboFix-quarantined-files.txt ... 07-05-21 16:56
C:\ComboFix2.txt ... 07-05-21 12:20
C:\ComboFix3.txt ... 06-09-22 11:31

--- E O F ---

**Posty:** 18165 · przez **wojtas** 21 Maj 2007, 20:55

start>panel sterowania>zaplanowane zadania> usun jesli cos tam masz chyba ze sam ustawiales

Autor postu otrzymał pochwałę

**Posty:** 11 · przez **ckhontee** 21 Maj 2007, 21:26

w zaplanowanych zadaniach sa tylko te, ktore sam ustawialem.

po uzyciu wwdc wszystko bardzo sie poprawilo. dalej zdarzaja sie zerwania polaczenia, ale o wiele rzadziej. jezeli juz nie ma nic w logach, to tylko potestuje jeszcze lacze i ewentualnie w razie nawrotow bede kontynuowac ten watek.

wielkie dzieki za pomoc

przy okazji szacunek dla ciebie i pozostalych altruistow z forum - robicie naprawde dobra robote

czeste, kilkunastosekundowe zerwania polaczenia z internetem

czeste, kilkunastosekundowe zerwania polaczenia z internetem

Kto jest na forum