Terribly slowed-down computer


  • This topic is locked
2 replies to this topic

#1 zajger

zajger

  • Members
  • 1 posts
  • OFFLINE
  • Local time:05:34 PM

Posted 11 May 2012 - 02:30 PM

I'm asking for help because my browser is terribly slowed down.
ComboFix 12-05-09.01 - Viao 11/05/2012 0:08.11.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.245 [GMT 2:00]
Lancé depuis: c:\documents and settings\Viao\Bureau\ComboFix.exe
Commutateurs utilisés :: /uninstal
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-04-10 au 2012-05-10 ))))))))))))))))))))))))))))))))))))
.
.
2012-05-10 20:42 . 2012-05-10 20:42 -------- d-----w- c:\program files\Fichiers communs\xing shared
2012-05-10 20:39 . 2012-05-10 20:42 -------- d-----w- c:\program files\Real
2012-05-10 19:51 . 2012-05-10 19:52 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\Adobe
2012-05-06 12:48 . 2012-05-06 12:48 -------- d-----w- c:\program files\NapiProjekt
2012-05-05 19:29 . 2000-07-08 13:06 87040 ----a-w- c:\windows\UnGins.exe
2012-05-05 19:29 . 2012-05-05 19:29 -------- d-----w- c:\program files\MarBit
2012-05-04 19:34 . 2012-05-04 19:34 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\Google
2012-05-04 19:34 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-05-04 19:34 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-05-04 19:34 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-05-04 19:34 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-05-04 19:34 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-05-04 19:34 . 2012-03-06 23:01 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-05-04 19:34 . 2012-03-06 23:01 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-05-04 19:34 . 2012-03-06 22:58 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-05-04 19:32 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-05-04 19:32 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-05-04 19:31 . 2012-05-04 19:31 -------- d-----w- c:\program files\AVAST Software
2012-05-04 19:31 . 2012-05-04 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-05-04 19:01 . 2012-05-04 19:01 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\Conduit
2012-05-04 19:01 . 2012-05-04 19:01 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\temp
2012-04-29 18:49 . 2012-04-29 18:49 -------- d-----w- c:\documents and settings\All Users\Favoris
2012-04-29 18:49 . 2012-04-29 18:49 -------- d--h--w- c:\documents and settings\Viao\Modèles
2012-04-29 18:49 . 2012-04-29 18:49 -------- d--h--w- c:\documents and settings\Viao\Voisinage d'impression
2012-04-29 17:28 . 2012-05-10 20:44 -------- d-----w- c:\documents and settings\All Users\Bureau
2012-04-29 17:23 . 2012-04-29 17:23 -------- d-----w- c:\documents and settings\All Users\Modèles
2012-04-29 13:43 . 2012-05-04 19:19 -------- d-----w- c:\program files\Odkurzacz
2012-04-29 12:53 . 2012-04-29 12:53 -------- d--h--w- c:\documents and settings\Viao\Voisinage réseau
2012-04-29 12:53 . 2012-05-04 19:27 -------- d-sh--w- c:\documents and settings\Viao\UserData
2012-04-28 15:18 . 2012-05-10 20:33 -------- d-----r- c:\documents and settings\Viao\Mes documents
2012-04-28 13:04 . 2012-04-29 18:49 -------- d-----w- c:\documents and settings\All Users\Documents
2012-04-28 10:42 . 2012-04-28 10:42 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\Mozilla
2012-04-28 10:41 . 2012-04-28 10:41 -------- d-----w- c:\documents and settings\All Users\Menu Démarrer
2012-04-28 09:57 . 2012-04-28 09:57 -------- d-----w- c:\documents and settings\Viao\Local Settings\Application Data\Ashampoo
2012-04-28 09:57 . 2012-04-28 10:00 -------- d-----r- c:\documents and settings\Viao\Favoris
2012-04-28 09:57 . 2012-05-10 21:50 -------- d-----w- c:\documents and settings\Viao\Bureau
2012-04-28 09:57 . 2012-04-28 09:57 -------- d-----w- c:\documents and settings\Viao\Menu Démarrer
2012-04-25 16:01 . 2012-04-25 16:01 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-25 16:01 . 2012-04-25 16:01 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 16:01 . 2012-04-25 16:01 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-24 16:36 . 2012-04-24 16:36 -------- d-----w- c:\program files\Conduit
2012-04-24 16:28 . 2012-05-09 18:22 -------- d-----w- c:\program files\uTorrent
2012-04-23 21:24 . 2012-04-23 21:50 -------- d-----w- c:\windows\SxsCaPendDel
2012-04-17 19:06 . 2012-04-17 19:06 -------- d-----w- c:\program files\Uniblue
2012-04-14 18:34 . 2012-04-14 18:34 -------- d-----w- c:\program files\SFR
2012-04-13 18:09 . 2011-03-02 11:43 175616 ----a-w- c:\windows\system32\unrar.dll
2012-04-13 17:19 . 2012-04-13 17:21 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-10 20:40 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-10 20:40 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-04-14 19:22 . 2011-10-08 15:05 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-14 19:22 . 2011-10-08 15:05 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:51 . 2004-08-04 00:48 2071168 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2004-08-20 09:11 1862400 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:51 . 2004-08-20 09:10 2194688 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-04 13:56 . 2012-04-10 19:28 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 01:15 . 2004-08-20 09:11 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:15 . 2004-08-20 09:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:15 . 2004-08-20 09:10 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:15 . 2004-08-20 09:10 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2004-08-20 09:11 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-20 09:10 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-25 16:01 . 2011-10-08 13:51 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-09_20.34.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-10 20:42 . 2012-05-10 20:42 18944 c:\windows\Installer\c77135.msi
+ 2012-05-10 20:40 . 2012-05-10 20:40 92672 c:\windows\Installer\c7712a.msi
+ 2012-05-10 20:37 . 2012-05-10 20:37 24064 c:\windows\Installer\c77124.msi
+ 2012-05-10 20:40 . 2012-05-10 20:40 5632 c:\windows\system32\pndx5032.dll
+ 2012-05-10 20:40 . 2012-05-10 20:40 6656 c:\windows\system32\pndx5016.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2012-05-10 20:41 . 2012-05-10 20:41 198832 c:\windows\system32\rmoc3260.dll
+ 2012-05-10 20:40 . 2012-05-10 20:40 272896 c:\windows\system32\pncrt.dll
+ 2004-08-20 18:17 . 2012-05-10 21:39 172280 c:\windows\system32\FNTCACHE.DAT
- 2004-08-20 18:17 . 2011-10-09 07:10 172280 c:\windows\system32\FNTCACHE.DAT
+ 2012-05-10 05:25 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
+ 2008-10-15 19:02 . 2012-04-11 13:51 1862400 c:\windows\system32\dllcache\win32k.sys
+ 2008-10-15 19:02 . 2012-04-11 13:51 2194688 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2028544 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2071168 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2194688 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2071168 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 19:02 . 2012-04-11 13:51 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2005-05-15 14:55 . 2012-05-10 05:35 55656824 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2012-04-01 67968]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2011-02-20 370688]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-05-10 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 339968]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2004-06-29 180224]
"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]
"PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\2\printray.exe" [2000-06-26 36864]
"VAIO Update 5"="c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe" [2009-12-08 1324400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-05-10 296056]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave1"=SSMSFltr.dll
"mixer1"=SSMSFltr.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [04/05/2012 21:34 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [04/05/2012 21:34 337880]
R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [06/07/2004 14:07 45627]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04/05/2012 21:34 20696]
S4 Asobsttin;Asobsttin;c:\windows\system32\drivers\ndisuio.sys [04/08/2004 01:03 14592]
.
Contenu du dossier 'Tâches planifiées'
.
2012-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-10-08 19:22]
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 09:11]
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 09:11]
.
2012-05-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3224504278-4220017711-696381142-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-05-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3224504278-4220017711-696381142-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-05-10 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-04-17 18:56]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.sfr.fr/kit/adsl/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Viao\Application Data\Mozilla\Firefox\Profiles\mskquih8.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-11 01:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0A23C812-28A4-A3EF-EC599404379BDED8}\{EDDB7AE9-60BA-FC8B-2A36AEA66116E16E}\{30AFDBAC-89B1-0DCB-309A1919CB2D0BED}*]
"H3CROQJYX4VDACHZCDNM4SALHE1"=hex:01,00,00,00,00,00,00,00,5c,63,e8,cf,f7,e6,fd,
3a
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B3A3A58F-967E-A40A-C7DDFB524B0CDFB3}\{B28E8422-363F-1C4B-CC056478281B7FCE}\{569EFB20-10B3-C9F5-895B6A19B8852344}*]
"H3CROQJYX4VDACHZCDNM4SALHE1"=hex:01,00,00,00,00,00,00,00,5c,63,e8,cf,f7,e6,fd,
3a
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\SSMSFltr.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(676)
c:\windows\system32\SSMSFltr.dll
.
- - - - - - - > 'explorer.exe'(540)
c:\windows\system32\SSMSFltr.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2012-05-11 01:21:07
ComboFix-quarantined-files.txt 2012-05-10 23:19
ComboFix2.txt 2012-05-09 20:47
.
Avant-CF: 15 511 781 376 octets libres
Après-CF: 15 491 006 464 octets libres
.
- - End Of File - - 5835F44ECB3511409E90397A9CFA02CD


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:04:34 PM

Posted 13 May 2012 - 04:28 PM

Hi,

How is your English?

I can find a helper who speaks Polish if you wish. :)
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:04:34 PM

Posted 19 May 2012 - 05:43 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
m0le is a proud member of UNITE



