MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: my computer is veryl ow
November 19, 2019, 06:30:49 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 19, 2019, 06:30:49 PM

Login with username, password and session length
 Featured Sites:
News
New  We now offer MyTechSupport.ca Merchandise! Every purchase goes towards maintaining our site.
Thank you for supporting MyTechSupport.ca!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: my computer is veryl ow  (Read 2483 times)
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« on: April 23, 2008, 03:19:31 PM »

my computers es verly low, I have a very problems, the programs are not funcion
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #1 on: April 23, 2008, 03:20:09 PM »

please Ineed help
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #2 on: April 23, 2008, 03:22:18 PM »

my computer is a very  problem for the sistem is slow
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #3 on: April 23, 2008, 03:27:28 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:38, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\acs.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\ARCHIV~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe
C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
C:\Archivos de programa\Trend Micro\Internet Security\SfCtlCom.exe
C:\Archivos de programa\Trend Micro\BM\TMBMSRV.exe
C:\Archivos de programa\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
C:\Archivos de programa\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Archivos de programa\Belkin\PCI F5D7000\Wireless Utility\Belkinwcui.exe
C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe
C:\ARCHIV~1\INCRED~1\bin\IMApp.exe
C:\Archivos de programa\Windows Desktop Search\WindowsSearchIndexer.exe
C:\ARCHIV~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Archivos de programa\Trend Micro\Internet Security\TmProxy.exe
C:\Archivos de programa\Windows Live\Messenger\usnsvc.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrador\Escritorio\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = V
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #4 on: April 23, 2008, 10:47:56 PM »



Please download SDFix from here and save it to your desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Please copy and paste that log in your next reply.

=================================


Ok.We  need to download ComboFix.exe. This will  give a better view to the files running and also hidden on your computer.

Please visit this webpage for download links, and instructions for running ComboFix


When the tool is finished, it will produce a report for you. Please copy and paste the "C:\ComboFix.txt" along with a new 'HijackThis' log so that we can continue to do any further cleaning that your system may require.

Caution: Never run and remove files with Combofix unless supervised by a qualified  security analyst who is experienced in the use of Combofix. Mal use can cause serious computer problems

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.
Logged

An Australian Member of

EDDY
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #5 on: April 24, 2008, 07:33:56 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:44, on 24/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\acs.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Bonjour\mDNSResponder.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\ARCHIV~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe
C:\Archivos de programa\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
C:\Archivos de programa\Trend Micro\Internet Security\SfCtlCom.exe
C:\Archivos de programa\Trend Micro\BM\TMBMSRV.exe
C:\Archivos de programa\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\ARCHIV~1\INCRED~1\bin\IMApp.exe
C:\Archivos de programa\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Archivos de programa\Belkin\PCI F5D7000\Wireless Utility\Belkinwcui.exe
C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe
C:\Archivos de programa\Windows Desktop Search\WindowsSearchIndexer.exe
C:\ARCHIV~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Archivos de programa\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrador\Escritorio\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = V
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #6 on: April 24, 2008, 07:35:06 PM »


SDFix: Version 1.174
Run by Administrador on 24/04/2008 at 14:02

Microsoft Windows XP [Versi
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #7 on: April 24, 2008, 07:36:52 PM »

ComboFix 08-04-22.5 - Administrador 2008-04-24 14:19:44.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.3082.18.423 [GMT -5:00]
Se ejecuta desde: C:\Documents and Settings\Administrador\Escritorio\ComboFix.exe
 * Creado un nuevo punto de restauraci
Logged
WENDOLIN
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 8


Bookmark and Share

View Profile
« Reply #8 on: April 24, 2008, 07:37:58 PM »

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\StubInstaller.exe"=
"C:\\Archivos de programa\\LimeWire\\LimeWire.exe"=
"C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe"= C:\Archivos de programa\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
"C:\\Archivos de programa\\IncrediMail\\bin\\IMApp.exe"=
"C:\\Archivos de programa\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Archivos de programa\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Archivos de programa\\Bonjour\\mDNSResponder.exe"=
"C:\\Archivos de programa\\iTunes\\iTunes.exe"=
"C:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
"C:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Archivos de programa\\Windows Live\\Messenger\\livecall.exe"=

R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\drivers\ShldDrv.sys [2005-08-29 07:23]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2006-04-25 10:02]
R3 BLKWGD;Belkin Wireless G Desktop Card Service;C:\WINDOWS\system32\DRIVERS\BLKWGD.sys [2005-06-01 22:37]
R3 wlanndi5;wlanndi5 NDIS Protocol Driver;C:\WINDOWS\system32\wlanndi5.SYS [2004-04-21 17:51]
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{214b4f6d-e2d1-11db-8efb-001150d35b5b}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2548f369-1b22-11db-8dff-001150d35b5b}]
\Shell\Auto\command - F:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47f90ff5-1da0-11dc-8f46-001150d35b5b}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{625d0c42-a650-11db-8ea9-001150d35b5b}]
\Shell\Auto\command - F:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a83ebc65-d6ef-11da-8dbb-001676349e7e}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e11616ae-7e1f-11db-8e77-001150d35b5b}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fde48b89-2650-11dc-8f5a-001150d35b5b}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

.
Contenido de carpeta 'Tareas Programadas'
"2008-01-16 19:57:59 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Archivos de programa\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 14:23:42
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 5

**************************************************************************
.
Tiempo completado: 2008-04-24 14:26:16
ComboFix-quarantined-files.txt  2008-04-24 19:26:07

              20 dirs  45,687,296,000 bytes libres
              23 dirs  45,947,920,384 bytes libres

151   --- E O F ---   2008-04-09 22:01:36


Ok these are the reports

Thanks,

wendolin
Logged
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page July 04, 2018, 01:12:00 PM