Please check my log and help me remove Norton Security Scan. For the past few days the computer has been behaving strangely: it runs slowly and sometimes reports that it is low on virtual memory, even though it is doing almost nothing.
ComboFix 09-01-07.01 - ja 2009-01-07 21:46:55.13 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.767.468 [GMT 1:00]
Uruchomiony z: c:\documents and settings\ja\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-07 do 2009-01-07 )))))))))))))))))))))))))))))))
.
2009-01-07 20:51 . 2009-01-07 21:48 <DIR> d--h----- c:\documents and settings\Administrator\Ustawienia lokalne
2009-01-07 20:51 . 2009-01-07 20:56 <DIR> d-------- c:\documents and settings\Administrator\Ulubione
2009-01-07 20:51 . 2005-11-13 18:12 <DIR> d--h----- c:\documents and settings\Administrator\Szablony
2009-01-07 20:51 . 2005-11-13 18:58 <DIR> d-------- c:\documents and settings\Administrator\Pulpit
2009-01-07 20:51 . 2005-11-13 18:58 <DIR> d-------- c:\documents and settings\Administrator\Moje dokumenty
2009-01-07 20:51 . 2005-11-13 18:58 <DIR> dr------- c:\documents and settings\Administrator\Menu Start
2009-01-07 20:51 . 2005-11-13 18:58 <DIR> dr-h----- c:\documents and settings\Administrator\Dane aplikacji
2009-01-07 20:51 . 2009-01-07 20:52 <DIR> d-------- c:\documents and settings\Administrator
2009-01-04 16:06 . 2009-01-07 20:40 <DIR> d-------- c:\program files\Norton Security Scan
2008-12-16 19:38 . 2008-12-16 20:27 <DIR> d-------- c:\documents and settings\ja\Dane aplikacji\gtk-2.0
2008-12-16 19:36 . 2008-12-17 23:51 <DIR> d-------- c:\documents and settings\ja\.gimp-2.6
2008-12-16 19:36 . 2008-12-16 19:36 <DIR> d-------- c:\documents and settings\ja\.gegl-0.0
2008-12-16 10:56 . 2009-01-05 20:15 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-16 10:56 . 2008-12-16 10:56 1,409 --a------ c:\windows\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 18:02 1,496,064 ------w c:\windows\system32\CC3250MT.DLL
2060-08-18 17:40 909,824 ------w c:\windows\system32\cp3245mt.dll
2060-08-18 17:40 24,064 ------w c:\windows\system32\borlndmm.dll
2009-01-07 20:30 --------- d-----w c:\documents and settings\ja\Dane aplikacji\OpenOffice.org2
2009-01-07 00:00 --------- d-----w c:\program files\DC++
2009-01-04 15:06 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-16 18:35 --------- d-----w c:\program files\GIMP-2.0
2008-12-08 07:52 --------- d-----w c:\documents and settings\ja\Dane aplikacji\Skype
2008-11-23 08:27 63,488 ----a-w c:\windows\system32\HaspEmu.dll
2008-11-23 08:23 --------- d-----w c:\program files\Robot Office
2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 10:39 662,016 ----a-w c:\windows\system32\wininet.dll
2007-09-08 16:31 20 ---h--w c:\documents and settings\All Users\Dane aplikacji\PKP_DLec.DAT
2004-10-01 13:00 40,960 ----a-w c:\program files\Uninstall_CDS.exe
2007-02-21 22:39 66,672 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-02-21 22:39 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-02-21 22:39 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-02-21 22:39 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-02-21 22:39 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
"mxClock"="c:\documents and settings\ja\Pulpit\mxClock.exe" [2007-06-19 720482]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-15 6803456]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-06-15 86016]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-18 81000]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-03-02 257088]
"WireLessKeyboard"="c:\program files\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 44032]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-05-14 35328]
"nwiz"="nwiz.exe" [2005-06-15 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]
c:\documents and settings\ja\Menu Start\Programy\Autostart\
OpenOffice.org 2.0.3.lnk - c:\program files\OpenOffice.org 2.0.3\program\quickstart.exe [2006-07-02 393216]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-07-17 118784]
QuickTV.lnk - c:\program files\AVerTV\QuickTV.exe [2005-08-30 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"SENTINEL"= snti386.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-12 110160]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-06-12 20560]
R4 CX88XBAR;AVerMedia, AVerTV Crossbar (88x);c:\windows\system32\drivers\cx88xbar.sys [2007-02-14 9312]
R4 SG_Service;SoftGuard Service;c:\program files\Common Files\RbtProt\sgsrv.exe [2005-04-25 155648]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{122626c0-cde4-11dc-b021-000acd08391f}]
\Shell\AutoRun\command - D:\xo8wr9.exe
\Shell\explore\Command - D:\xo8wr9.exe
\Shell\open\Command - D:\xo8wr9.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{375d8db0-a50a-11dc-afcb-000acd08391f}]
\Shell\Auto\command - D:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - D:\activexdebugger32.exe f
\Shell\open\Command - D:\activexdebugger32.exe f
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{497b92c0-9708-11da-ad2d-000acd08391f}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{497b92c1-9708-11da-ad2d-000acd08391f}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61cb3c54-bf5e-11dc-affa-000acd08391f}]
\Shell\AutoRun\command - D:\d.com
\Shell\explore\Command - D:\d.com
\Shell\open\Command - D:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0604f60-c4f6-11dc-b00a-000acd08391f}]
\Shell\AutoRun\command - D:\m1t8ta.com
\Shell\explore\Command - D:\m1t8ta.com
\Shell\open\Command - D:\m1t8ta.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6bca1d6-c674-11dc-b00e-000acd08391f}]
\Shell\AutoRun\command - D:\xn1i9x.com
\Shell\explore\Command - D:\xn1i9x.com
\Shell\open\Command - D:\xn1i9x.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5a04357-6abd-11dc-af28-000acd08391f}]
\Shell\AutoRun\command - G:\LaunchU3.exe
.
Zawartość folderu 'Zaplanowane zadania'
2008-11-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 15:42]
2009-01-07 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe []
2009-01-07 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2002-10-08 12:29]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: arcaonline.arcabit.com
Trusted Zone: mks.com.pl
TCP: {67AA1EDD-405D-4F1B-B02C-3B5C68CECE85} = 150.254.5.4,150.254.5.11
TCP: {7A65AC08-DC9F-4997-8DDF-9AAD10E02283} = 150.254.5.4,150.254.5.11
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 21:48:30
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2009-01-07 21:49:56
ComboFix-quarantined-files.txt 2009-01-07 20:49:46
ComboFix2.txt 2009-01-07 20:07:58
Przed: 10 639 056 896 bajtów wolnych
Po: 10,634,764,288 bajtów wolnych
162 --- E O F --- 2008-12-18 15:19:24