Straszne spowolnienie kompa

IP: 195.69.80.* 05.02.07, 00:20
Moj komputer sie nagle zawiesil a po wykonaniu resetu,przy ponownej probie
uruchomienia wyswietlil wiadomosc o braku podlaczenia dysku twardego (cos jak
dysk jest niesformatowany i probojemy uruchomic kompa bez dyskietki lub
plyty). Po ponownym resecie ruchomil sie normalnie (moze to wina zasilacza).
Teraz win uruchamia sie bardzo dlugo, i jakiekolwiek aplikacje uruchomiaja sie
rowniez dosc wolno, nawet winamp zaczal mi zwalniac i przerywac muzyke. Jednym
slowem komputer strasznie sie muli i wydawalo by sie jakby pracowal z 5%
szybkoscia swojej mozliwosci. Bede wdzieczny za jakakolwiek pomoc, wszelkie
uwagi i sugestie. Pomizej zamieszczem logi

1. HiJackThis

Logfile of HijackThis v1.99.1
Scan saved at 00:12:32, on 2007-02-05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\mozilla.org\Mozilla\Mozilla.exe
C:\Program Files\Gadu-Gadu 7.1\gg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\WScript.exe
C:\Documents and Settings\Lotek\Pulpit\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MU Online Toolbar - {B9D1647F-A66A-4695-B249-07901A45FF59} -
C:\Program Files\MU Online Toolbar\v3.2.0.0\MU_Online_Toolbar.dll (file missing)
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [5207cb8b.exe] C:\WINDOWS\System32\5207cb8b.exe
O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKLM\..\Run: [79bcb6c3.exe] C:\WINDOWS\System32\79bcb6c3.exe
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program
Files\mozilla.org\Mozilla\Mozilla.exe" -turbo
O4 - HKCU\..\Run: [5207cb8b.exe] C:\Documents and Settings\Lotek\Ustawienia
lokalne\Dane aplikacji\5207cb8b.exe
O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
O4 - HKCU\..\Run: [79bcb6c3.exe] C:\Documents and Settings\Lotek\Ustawienia
lokalne\Dane aplikacji\79bcb6c3.exe
O4 - HKCU\..\Run: [Tttp] "C:\DOCUME~1\Lotek\DANEAP~1\PPPATC~1\csrss.exe" -vt mt
O4 - HKCU\..\Run: [Snzt] C:\Documents and Settings\Lotek\Moje
dokumenty\??stem\?ttrib.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu 7.1\gg.exe" /tray
O8 - Extra context menu item: Download All by FlashGet - C:\Program
Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program
Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://E:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O17 -
HKLM\System\CCS\Services\Tcpip\..\{26766286-D450-4FD1-BC9F-16CF03C7EA57}:
NameServer = 172.16.1.1,172.16.2.1
O17 -
HKLM\System\CS1\Services\Tcpip\..\{26766286-D450-4FD1-BC9F-16CF03C7EA57}:
NameServer = 172.16.1.1,172.16.2.1
O17 -
HKLM\System\CS2\Services\Tcpip\..\{26766286-D450-4FD1-BC9F-16CF03C7EA57}:
NameServer = 172.16.1.1,172.16.2.1
O20 - AppInit_DLLs: tracert.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program
Files\MKS\Bin\mksmonsv.exe (file missing)
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe


2.Silen runners ( wierzcie lub nie ale od uruchomienia programu do otrzymania
loga minelo około 40 minut, inne programy dzialaja relatywnie szybciej :P. Ps.
Mam stary komp, procek 1GHz ale czy to powinno tyle trwac??)

"Silent Runners.vbs", revision R50, www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"Mozilla Quick Launch" = ""C:\Program Files\mozilla.org\Mozilla\Mozilla.exe"
-turbo" ["Mozilla Foundation"]
"5207cb8b.exe" = "C:\Documents and Settings\Lotek\Ustawienia lokalne\Dane
aplikacji\5207cb8b.exe" [file not found]
"0mcamcap" = "C:\WINDOWS\System32\0mcamcap.exe" [file not found]
"79bcb6c3.exe" = "C:\Documents and Settings\Lotek\Ustawienia lokalne\Dane
aplikacji\79bcb6c3.exe" [file not found]
"Tttp" = ""C:\DOCUME~1\Lotek\DANEAP~1\PPPATC~1\csrss.exe" -vt mt" [file not found]
"Snzt" = "C:\Documents and Settings\Lotek\Moje dokumenty\**stem\*ttrib.exe"
(unwritable string) [file not found]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu 7.1\gg.exe" /tray" ["Gadu-Gadu Sp.
z oo"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."]
"C-Media Mixer" = "Mixer.exe /startup" ["C-Media Electronic Inc.
(www.cmedia.com.tw)"]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
["Sun Microsystems, Inc."]
"5207cb8b.exe" = "C:\WINDOWS\System32\5207cb8b.exe" [file not found]
"0mcamcap" = "C:\WINDOWS\System32\0mcamcap.exe" [file not found]
"79bcb6c3.exe" = "C:\WINDOWS\System32\79bcb6c3.exe" [file not found]
"MKS_MENU" = "C:\Program Files\MKS\Bin\mks_menu.exe" [file not found]
"Emurayden PSX Emulator" = "*\" (unwritable string) [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat
6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID}
    • Gość: Marcin Re: Straszne spowolnienie kompa IP: 195.69.80.* 05.02.07, 00:24
      Dalsza czes loga z silenta


      6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
      -> {HKLM...CLSID} = "SSVHelper Class"
      \InProcServer32\(Default) = "C:\Program
      Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
      {A5366673-E8CA-11D3-9CD9-0090271D075B}\(Default) = (no title provided)
      -> {HKLM...CLSID} = "IeCatch2 Class"
      \InProcServer32\(Default) =
      "C:\PROGRA~1\FLASHGET\jccatch.dll" ["Amaze Soft"]

      HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
      "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania
      wyświetlania"
      -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
      \InProcServer32\(Default) = "deskpan.dll" [file not found]
      "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
      -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll"
      ["Hilgraeve, Inc."]
      "{D00900BC-23F7-4FD6-BFA2-8232112C5C49}" = "NRad Extension"
      -> {HKLM...CLSID} = "NRadExt Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\NRad.dll"
      [empty string]
      "{5380C14E-C0A1-4D66-87DB-5995E6FF4623}" = "Rad Extension"
      -> {HKLM...CLSID} = "RadPropExt Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\Rad.dll"
      [empty string]
      "{D2FD83AE-994A-4D4B-9097-2C9E11ED85F0}" = "RadClkr Extension"
      -> {HKLM...CLSID} = "RadClkRExt Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\RadClkR.dll"
      [empty string]
      "{C6844A1E-2C59-415A-84B3-C6A458372779}" = "RadType Extension"
      -> {HKLM...CLSID} = "RadTypeExt Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\RadType.dll"
      [empty string]
      "{75B8D633-9021-442C-9EA4-FF4BE72CE20F}" = "NRad2 Extension"
      -> {HKLM...CLSID} = "NRadExt2 Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\NRad.dll"
      [empty string]
      "{36518101-49AC-42CB-8E4C-40C1F328A565}" = "Rad2 Extension"
      -> {HKLM...CLSID} = "RadPropExt2 Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\Rad.dll"
      [empty string]
      "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop
      Icon Handler"
      -> {HKLM...CLSID} = "Microsoft Office Outlook"
      \InProcServer32\(Default) =
      "E:\OFFICE~1\OFFICE11\MLSHEXT.DLL" [MS]
      "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon
      Handler"
      -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"
      \InProcServer32\(Default) =
      "E:\OFFICE~1\OFFICE11\OLKFSTUB.DLL" [MS]
      "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
      -> {HKLM...CLSID} = (no title provided)
      \InProcServer32\(Default) =
      "E:\Office2003\OFFICE11\msohev.dll" [MS]
      "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
      -> {HKLM...CLSID} = "WinRAR"
      \InProcServer32\(Default) = "C:\Program
      Files\WinRAR\rarext.dll" [null data]
      "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
      -> {HKLM...CLSID} = "avast"
      \InProcServer32\(Default) = "C:\Program Files\Alwil
      Software\Avast4\ashShell.dll" ["ALWIL Software"]
      "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
      -> {HKLM...CLSID} = "RealOne Player Context Menu Class"
      \InProcServer32\(Default) = "C:\Program Files\Real
      Alternative\rpshell.dll" ["RealNetworks, Inc."]
      "{AB77609F-2178-4E6F-9C4B-44AC179D937A}" = "a-squared Context Menu Shell Extension"
      -> {HKLM...CLSID} = "a-squared context menu"
      \InProcServer32\(Default) =
      "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" [file not found]

      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
      <<!>> "{35B2861B-2B26-4691-9FF0-09083722C736}" = "RadExe Extension"
      -> {HKLM...CLSID} = "RadExeExt Class"
      \InProcServer32\(Default) = "C:\WINDOWS\System32\RadExe.dll"
      [empty string]

      HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\
      <<!>> "AppInit_DLLs" = " tracert.dll" [file not found]

      HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
      <<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

      HKLM\Software\Classes\PROTOCOLS\Filter\
      <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
      -> {HKLM...CLSID} = (no title provided)
      \InProcServer32\(Default) = "C:\Program Files\Common
      Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

      HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
      avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
      -> {HKLM...CLSID} = "avast"
      \InProcServer32\(Default) = "C:\Program Files\Alwil
      Software\Avast4\ashShell.dll" ["ALWIL Software"]
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
      -> {HKLM...CLSID} = "WinRAR"
      \InProcServer32\(Default) = "C:\Program
      Files\WinRAR\rarext.dll" [null data]

      HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
      -> {HKLM...CLSID} = "WinRAR"
      \InProcServer32\(Default) = "C:\Program
      Files\WinRAR\rarext.dll" [null data]

      HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
      a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"
      -> {HKLM...CLSID} = "a-squared context menu"
      \InProcServer32\(Default) =
      "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" [file not found]
      avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
      -> {HKLM...CLSID} = "avast"
      \InProcServer32\(Default) = "C:\Program Files\Alwil
      Software\Avast4\ashShell.dll" ["ALWIL Software"]
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
      -> {HKLM...CLSID} = "WinRAR"
      \InProcServer32\(Default) = "C:\Program
      Files\WinRAR\rarext.dll" [null data]

      HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
      a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"
      -> {HKLM...CLSID} = "a-squared context menu"
      \InProcServer32\(Default) =
      "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" [file not found]


      Group Policies {GPedit.msc branch and setting}:
      -----------------------------------------------

      Note: detected settings may not have any effect.

      HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

      "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
      {Computer Configuration|Windows Settings|Security Settings|Local
      Policies|Security Options|
      Shutdown: Allow system to be shut down without having to log on}

      "undockwithoutlogon" = (REG_DWORD) hex:0x00000001
      {Computer Configuration|Windows Settings|Security Settings|Local
      Policies|Security Options|
      Devices: Allow undock without having to log on}


      Active Desktop and Wallpaper:
      -----------------------------

      Active Desktop may be disabled at this entry:
      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

      Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
      HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
      "Wallpaper" = "E:\Obrazki\Fantasy&Mystic\tapety_new312.jpg"

      Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
      HKCU\Control Panel\Desktop\
      "Wallpaper" = "C:\WINDOWS\ACD Wallpaper.bmp"


      Enabled Screen Saver:
      ---------------------

      HKCU\Control Panel\Desktop\
      "SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


      Winsock2 Service Provider DLLs:
      -------------------------------

      Namespace Service Providers

      HKLM\System\CurrentControlSet\Services\Win
    • Gość: Kolobos Re: Straszne spowolnienie kompa IP: *.escom.net.pl 05.02.07, 00:59
      Masz piracki widnows bez żadnych aktualizacji i pelno trojanow wiec to normalne.
      Zasilacz sprawdz miernikiem lub podmien na inny.

      Zamknij porty przy pomocy wwdc.exe, przeskanuj system przy pomocy ewido.
      Zmien przegladarke na Opere i nie uzywaj wiecej IE!

      W hjt usun:
      O3 - Toolbar: MU Online Toolbar - {B9D1647F-A66A-4695-B249-07901A45FF59} -
      C:\Program Files\MU Online Toolbar\v3.2.0.0\MU_Online_Toolbar.dll (file missing)
      O4 - HKLM\..\Run: [5207cb8b.exe] C:\WINDOWS\System32\5207cb8b.exe <- plik usun z dysku jak i inne exe:
      O4 - HKLM\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
      O4 - HKLM\..\Run: [79bcb6c3.exe] C:\WINDOWS\System32\79bcb6c3.exe
      O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
      O4 - HKLM\..\RunServices: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
      O4 - HKCU\..\Run: [5207cb8b.exe] C:\Documents and Settings\Lotek\Ustawienia
      lokalne\Dane aplikacji\5207cb8b.exe
      O4 - HKCU\..\Run: [0mcamcap] C:\WINDOWS\System32\0mcamcap.exe
      O4 - HKCU\..\Run: [79bcb6c3.exe] C:\Documents and Settings\Lotek\Ustawienia
      lokalne\Dane aplikacji\79bcb6c3.exe <- plik usun z dysku.
      O4 - HKCU\..\Run: [Tttp] "C:\DOCUME~1\Lotek\DANEAP~1\PPPATC~1\csrss.exe" -vt mt <- katalog PPPA... usun z dysku.
      O4 - HKCU\..\Run: [Snzt] C:\Documents and Settings\Lotek\Moje
      dokumenty\??stem\?ttrib.exe <- katalog ??stem usun z dysku.
      O20 - AppInit_DLLs: tracert.dll <- plik usun z dysku.

      Zbedna usluga do kasacji, opis usuwania masz w naglowku forum:
      O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program
      Files\MKS\Bin\mksmonsv.exe (file missing)

      Po wszystkim wklej nowy log z hjt.
Pełna wersja