Help me PLZ



#1 Dweks96

Posted 25 October 2009 - 12:47 PM

Hiho,

I have had this PC 3 years and it's very slow... I read that on page top and I don't understand it!!

Here is the ComboFix log:


PLEASE HELP!!


#2 Guest_The weatherman_*

Posted 25 October 2009 - 02:07 PM

Hello Dweks96,

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

ComboFix logs should not be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff



