Hello, I have the following problem: for some time now my computer has slowed down terribly. That is, when I start typing, the text only appears after a while, and so on.
I'm pasting the log from ComboFix:
ComboFix 09-03-02.01 - Aneta 2009-03-02 20:09:59.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.446.143 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Aneta\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-02 do 2009-03-02 )))))))))))))))))))))))))))))))
.
2009-03-01 19:58 . 2009-03-01 19:58
2009-02-23 14:35 . 2009-02-23 14:42 952 --ahs---- c:\windows\system32\KGyGaAvL.sys
2009-02-23 14:33 . 2009-02-23 14:33
2009-02-14 20:19 . 2009-02-14 20:20
2009-02-13 21:21 . 2009-02-13 21:21 0 --a------ C:\TP155D18.$$$
2009-02-13 21:06 . 2009-02-13 21:23
2009-02-13 21:06 . 1999-03-23 09:12 299,520 --a------ c:\windows\uninst.exe
2009-02-11 21:20 . 2009-02-11 21:20
2009-02-11 21:19 . 2009-02-11 21:20
2009-02-09 23:18 . 2009-02-09 23:18
2009-02-09 23:13 . 2009-02-11 21:13
2009-02-09 22:29 . 2009-02-10 23:29
2009-02-07 13:44 . 2009-02-20 18:01 54,156 --ah----- c:\windows\QTFont.qfn
2009-02-07 13:44 . 2009-02-07 13:44 1,409 --a------ c:\windows\QTFont.for
2009-02-07 13:39 . 2009-02-07 13:39
2009-02-07 13:36 . 2009-02-07 13:37
2009-02-07 13:25 . 2009-02-07 14:00
2009-02-07 13:23 . 2009-02-07 14:00
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-10 17:56 --------- d-----w c:\program files\Winamp
2009-02-09 19:32 --------- d-----w c:\documents and settings\Aneta\Dane aplikacji\Nowe Gadu-Gadu
2009-02-07 12:36 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2009-01-31 20:37 --------- d-----w c:\program files\IrfanView
2009-01-11 09:50 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-01-11 09:50 --------- d-----w c:\program files\Java
2009-01-04 13:58 --------- d-----w c:\documents and settings\Aneta\Dane aplikacji\Roxio
2009-01-02 19:58 --------- d-----w c:\documents and settings\Aneta\Dane aplikacji\uTorrent
2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-01_19.38.32,50 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-02 18:59:04 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7d4.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-02-20 1191936]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 c:\windows\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a------ 2006-08-17 08:00 1116920 c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-01-11 10:51 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\Bonjour\mDNSResponder.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
--- Inne Usługi/Sterowniki w Pamięci ---
*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - Ati HotKey Poller
*Deregistered* - AudioSrv
*Deregistered* - BITS
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - helpsvc
*Deregistered* - ImapiService
*Deregistered* - JavaQuickStarterService
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - MDM
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RoxMediaDB9
*Deregistered* - RoxWatch9
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - UMWdf
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wltrysvc
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
.
Zawartość folderu 'Zaplanowane zadania'
2008-12-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Aneta\Dane aplikacji\Mozilla\Firefox\Profiles\4cdmly5c.default\
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 20:12:27
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Czas ukończenia: 2009-03-02 20:14:04
ComboFix-quarantined-files.txt 2009-03-02 19:13:36
ComboFix2.txt 2009-03-01 18:39:49
Przed: 53 048 479 744 bajtów wolnych
Po: 53,039,706,112 bajtów wolnych
168 --- E O F --- 2009-02-25 17:49:30