Vista jak postawić system

[slawek3108]

Witam mój laptop od jakiegoś czasu(około miesiąca)muli i chodzi coraz wolniej.Powoli otwiera internet skypa nawet włącza się coraz wolniej.Przeskanowałem go Dr.Webem znalazł jednego trojana ale nic to nie zmieniło.Chciałbym na nowo postawić system może będzie lepiej.Chyba że są inne opcje.Będę bardzo wdzięczny za pomoc .Mój laptop to acer aspire 5315 a vista basic Dzięki

[gloomm]

Witam
Walka do końca.Format to ostateczność.

1.Trojan Remower zainstaluj i uruchom.
2. ComboFix.

[slawek3108]

witam. Dopiero wstałem i zaraz się biorę do działania.Będę walczył jak lew do końca.Dzięki

Dodano Dzisiaj, 16:45:

Kod: Zaznacz wszystko

ComboFix 09-05-06.08 - Sławek 2009-05-08 16:08.4 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1250.48.1045.18.1013.327 [GMT 2:00]
Uruchomiony z: c:\users\Sławek\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081124-0] *On-access scanning enabled* (Updated)
.

(((((((((((((((((((((((((   Pliki utworzone od 2009-04-08 do 2009-05-08  )))))))))))))))))))))))))))))))
.

2009-05-08 14:03 . 2005-08-25 23:50   77312   ----a-w   c:\windows\system32\ztvunace26.dll
2009-05-08 14:03 . 2009-05-08 14:03   --------   d-----w   c:\programdata\Simply Super Software
2009-05-08 14:03 . 2009-05-08 14:03   --------   d-----w   c:\users\All Users\Simply Super Software
2009-05-08 14:03 . 2009-05-08 14:03   --------   d-----w   c:\program files\Trojan Remover
2009-05-07 14:52 . 2009-05-07 14:52   --------   d-----w   c:\programdata\Wru
2009-05-07 14:52 . 2009-05-07 14:52   --------   d-----w   c:\users\All Users\Wru
2009-05-07 14:46 . 2009-05-07 14:52   --------   d-----w   c:\program files\Wru
2009-05-06 17:41 . 2009-05-06 17:41   --------   d-----w   c:\program files\VideoLAN
2009-04-23 19:35 . 2004-06-22 18:06   1040384   ----a-w   c:\windows\system32\GnucCOM.dll
2009-04-23 19:29 . 2009-04-23 19:29   --------   d-----r   c:\users\Public\Videos
2009-04-23 16:53 . 2009-04-23 16:53   --------   d-----r   c:\users\Public\Music
2009-04-23 03:07 . 2009-04-23 03:07   --------   d-----w   c:\programdata\is-VP1QQ
2009-04-23 03:07 . 2009-04-23 03:07   --------   d-----w   c:\users\All Users\is-VP1QQ
2009-04-23 03:06 . 2009-05-08 14:13   35696672   --sha-w   c:\windows\system32\drivers\fidbox.dat
2009-04-23 03:06 . 2008-07-08 12:54   148496   ----a-w   c:\windows\system32\drivers\55459069.sys
2009-04-20 03:27 . 2009-04-20 03:27   --------   d-----w   c:\program files\Microsoft Silverlight
2009-04-20 03:22 . 2009-05-07 14:10   --------   dc----w   c:\windows\system32\DRVSTORE
2009-04-20 03:20 . 2009-04-20 03:20   --------   d-----w   c:\program files\Microsoft SQL Server Compact Edition
2009-04-20 03:19 . 2009-05-07 14:07   --------   d-----w   c:\program files\Microsoft
2009-04-20 03:18 . 2009-04-20 03:18   --------   d-----w   c:\program files\Windows Live SkyDrive
2009-04-20 03:18 . 2009-05-07 14:15   --------   d-----w   c:\program files\Windows Live
2009-04-20 03:09 . 2009-04-20 03:09   --------   d-----w   c:\program files\Common Files\Windows Live
2009-04-19 19:17 . 2009-05-06 04:43   --------   d---a-w   c:\programdata\TEMP
2009-04-19 19:17 . 2009-05-06 04:43   --------   d---a-w   c:\users\All Users\TEMP
2009-04-19 19:17 . 2006-05-25 13:52   162304   ----a-w   c:\windows\system32\ztvunrar36.dll
2009-04-19 19:17 . 2006-06-19 11:01   69632   ----a-w   c:\windows\system32\ztvcabinet.dll
2009-04-19 19:17 . 2002-03-05 23:00   75264   ----a-w   c:\windows\system32\unacev2.dll
2009-04-19 19:17 . 2003-02-02 18:06   153088   ----a-w   c:\windows\system32\UNRAR3.dll
2009-04-19 03:19 . 2009-04-23 03:04   --------   d-----w   c:\users\Public\Documents
2009-04-16 05:05 . 2009-02-13 08:49   1255936   ----a-w   c:\windows\system32\lsasrv.dll
2009-04-16 05:05 . 2009-02-13 08:49   72704   ----a-w   c:\windows\system32\secur32.dll
2009-04-16 05:05 . 2009-03-17 03:38   13824   ----a-w   c:\windows\system32\apilogen.dll
2009-04-16 05:05 . 2009-03-17 03:38   24064   ----a-w   c:\windows\system32\amxread.dll
2009-04-16 05:05 . 2008-06-06 03:27   562176   ----a-w   c:\windows\system32\msdtcprx.dll
2009-04-16 05:05 . 2008-06-06 03:27   38912   ----a-w   c:\windows\system32\xolehlp.dll
2009-04-16 05:05 . 2008-12-06 04:42   376832   ----a-w   c:\windows\system32\winhttp.dll
2009-04-16 05:04 . 2009-03-03 04:39   551424   ----a-w   c:\windows\system32\rpcss.dll
2009-04-16 05:04 . 2009-03-03 04:46   3599328   ----a-w   c:\windows\system32\ntkrnlpa.exe
2009-04-16 05:04 . 2009-03-03 04:46   3547632   ----a-w   c:\windows\system32\ntoskrnl.exe
2009-04-16 05:04 . 2009-03-03 03:04   666624   ----a-w   c:\windows\system32\printfilterpipelinesvc.exe
2009-04-16 05:04 . 2009-03-03 04:39   26112   ----a-w   c:\windows\system32\printfilterpipelineprxy.dll
2009-04-16 05:04 . 2009-03-03 04:39   183296   ----a-w   c:\windows\system32\sdohlp.dll
2009-04-16 05:04 . 2009-03-03 04:37   98304   ----a-w   c:\windows\system32\iasrecst.dll
2009-04-16 05:04 . 2009-03-03 04:37   44032   ----a-w   c:\windows\system32\iasdatastore.dll
2009-04-16 05:04 . 2009-03-03 04:37   54784   ----a-w   c:\windows\system32\iasads.dll
2009-04-16 05:04 . 2009-03-03 02:38   17408   ----a-w   c:\windows\system32\iashost.exe
2009-04-16 05:02 . 2009-03-03 04:40   827392   ----a-w   c:\windows\system32\wininet.dll
2009-04-16 05:02 . 2009-03-03 02:28   26624   ----a-w   c:\windows\system32\ieUnatt.exe
2009-04-16 05:02 . 2009-03-03 04:37   78336   ----a-w   c:\windows\system32\ieencode.dll
2009-04-15 13:25 . 2009-02-13 09:31   55640   ----a-w   c:\windows\system32\drivers\avgntflt.sys
2009-04-15 13:13 . 2009-04-15 13:13   --------   dc-h--w   c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-15 13:13 . 2009-04-15 13:13   --------   dc-h--w   c:\users\All Users\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-08 06:21 . 2009-04-23 03:06   371960   --sha-w   c:\windows\system32\drivers\fidbox.idx
2009-05-07 14:20 . 2009-02-11 13:04   --------   d-----w   c:\program files\The Learning Company
2009-05-07 14:18 . 2007-08-16 18:10   --------   d--h--w   c:\program files\InstallShield Installation Information
2009-05-07 14:05 . 2008-10-24 19:07   --------   d-----w   c:\program files\NAPI-PROJEKT
2009-04-20 03:28 . 2006-12-05 05:19   662056   ----a-w   c:\windows\system32\perfh015.dat
2009-04-20 03:28 . 2006-12-05 05:19   126908   ----a-w   c:\windows\system32\perfc015.dat
2009-04-20 03:24 . 2006-11-02 10:25   86016   ----a-w   c:\windows\inf\infpub.dat
2009-04-20 03:24 . 2006-11-02 10:25   143360   ----a-w   c:\windows\inf\infstrng.dat
2009-04-20 03:24 . 2006-11-02 10:25   86016   ----a-w   c:\windows\inf\infstor.dat
2009-04-20 02:57 . 2008-06-27 17:29   --------   d-----w   c:\program files\DivX
2009-04-17 01:13 . 2006-11-02 11:18   --------   d-----w   c:\program files\Windows Mail
2009-04-15 13:12 . 2008-11-04 19:37   --------   d-----w   c:\program files\Lavasoft
2009-04-12 19:14 . 2008-11-25 20:04   --------   d-----w   c:\program files\BearShare Applications
2009-03-21 14:41 . 2008-10-24 05:33   --------   d-----w   c:\program files\GRETECH
2009-02-09 03:10 . 2009-03-11 03:51   2033152   ----a-w   c:\windows\system32\win32k.sys
2008-08-20 20:35 . 2006-11-02 12:48   174   --sh--w   c:\program files\desktop.ini
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2008-09-02 14:05   398776   ----a-w   c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-30 1829712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-04-29 1053576]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7DF4A605-CD08-4F3F-9044-0DDA3763E0AC}"= c:\program files\Acer\Acer Arcade\PowerCinema.exe:CyberLink PowerCinema
"{CAB18D13-701F-4C0D-B484-4F4F1FEAB785}"= c:\program files\Acer\Acer Arcade\PCMService.exe:CyberLink PowerCinema Resident Program
"{9574A42F-8091-486C-BBA6-58CDD37A8852}"= c:\program files\Acer\Acer Arcade\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{BA766D29-5B63-4DA1-9CCC-FDB4B2D2D7D0}"= c:\program files\Acer\Acer Arcade\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{719DB1A9-1B04-4FEC-9CB2-D48DF985EC8E}"= c:\program files\Acer\HomeMedia\HomeMedia.exe:HomeMedia
"{28DF4FC8-1333-4FDA-8DA4-63B0E1489711}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2715FE0A-B12F-407F-8585-35673A0AAD97}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{448902C4-351D-4E22-812F-9C5E0F5480A3}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{3F0DC591-68FC-4CB2-AD1D-76F09EC4636F}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{6FE56862-751F-4BD5-AEA1-2BB1F19B7BCF}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{488F99ED-C6AF-4EA6-8D3B-0D1F33A10963}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{AB4551A0-21A5-44E2-A4BF-2E02FCF34815}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{7CFEE1BA-360C-48DE-909F-CE898F9A1ADF}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{E4AE49AB-0C0C-4610-8FB0-36FED54B770C}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{78A0D0A5-ACFD-42EE-8E82-4AEDDAA233F7}c:\\users\\sławek\\documents\\utorrent.exe"= UDP:c:\users\sławek\documents\utorrent.exe:utorrent.exe
"UDP Query User{128E1958-EEBE-4C09-8248-D779DDC9CFDD}c:\\users\\sławek\\documents\\utorrent.exe"= TCP:c:\users\sławek\documents\utorrent.exe:utorrent.exe
"TCP Query User{06126338-F474-4EF9-9C76-CD7FD0CAD791}c:\\users\\sławek\\documents\\utorrent.exe"= UDP:c:\users\sławek\documents\utorrent.exe:utorrent.exe
"UDP Query User{787822D8-EAC0-41EB-8F2A-D47439439553}c:\\users\\sławek\\documents\\utorrent.exe"= TCP:c:\users\sławek\documents\utorrent.exe:utorrent.exe
"TCP Query User{A07BEBC6-AE68-4447-840E-6E621B6141D4}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{C333ACA0-FE18-4112-9563-66A03EB71216}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{11959E56-F36C-4E0A-BE19-4EE79CC4CF31}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{73B11B00-56B1-4094-AA37-D6DC5D41CD6D}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{3644FC34-A181-4CD8-8039-BF23082A3A60}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{D7C851B4-160C-41A1-9749-51AF4D69D46A}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{5AF5FFA9-6B58-4D57-A0F9-EA537D504386}"= UDP:8461:GoD High Port
"{BFCCE6A7-53FD-4519-9D0F-F96B5F929942}"= UDP:8462:GoD Low Port
"TCP Query User{5B24DC66-7687-4613-B6C4-852CF18B8A03}d:\\god\\god.exe"= UDP:d:\god\god.exe:GoD
"UDP Query User{ADC2E118-FE62-4537-B472-001637673034}d:\\god\\god.exe"= TCP:d:\god\god.exe:GoD
"TCP Query User{9C2942F3-0360-4657-A494-6D155492CF89}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{B66E41AA-4DFB-4E82-BB4F-B0155741701D}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{BEE9261F-F1F8-465C-8006-563A5CF93AC4}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{F114E01D-522F-4174-9554-485C2BD8AFFD}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{AAAE3F0E-CA15-42F4-A9AB-56D9026E52BB}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{CF35B39F-2635-47D4-842F-7D5FD44B2B81}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{C9100C22-D026-40FD-8194-847EFBC3087B}"= UDP:d:\pobrane 1\uTorrent.exe:µTorrent (TCP-In)
"{46307126-1515-4A14-B15D-8879038F28A1}"= TCP:d:\pobrane 1\uTorrent.exe:µTorrent (UDP-In)
"{72B76AC0-2D19-45DC-9C29-0ED018612119}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-11-04 114768]
R1 is-VP1QQdrv;is-VP1QQdrv;c:\windows\System32\drivers\55459069.sys [2009-04-23 148496]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-11-04 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-11-04 51792]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2007-08-17 179712]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\System32\drivers\e4ldr.sys [2008-11-25 69656]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\System32\drivers\e4usbaw.sys [2008-11-25 104344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork   REG_MULTI_SZ      PLA DPS BFE mpssvc
.
.
------- Skan uzupełniający -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://pl.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\e06h5rjd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 16:14
Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-109616326-2995623209-3042806892-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0[/u]000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Czas ukończenia: 2009-05-08 16:16
ComboFix-quarantined-files.txt  2009-05-08 14:16

Przed: 24 949 063 680 bajtów wolnych
Po: 24 842 244 096 bajtów wolnych

204   --- E O F ---   2009-05-07 05:02
[code][/code]

Dodano Dzisiaj, 10:53:
witam a to reszta z T.R

Dodano Dzisiaj, 11:08:
http://wklej.org/id/88095/