Author Topic: my computer don't have power is very low  (Read 1477 times)
cpaf
« on: April 23, 2008, 03:24:24 PM »

Hello

My computer has many viruses, pls read my HijackThis.

Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:12:53, on 01/01/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Trend Micro\Internet Security\SfCtlCom.exe
C:\Archivos de programa\Trend Micro\BM\TMBMSRV.exe
C:\Archivos de programa\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\CAP3RSK.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Belkin\PCI F5D7000\Wireless Utility\Belkinwcui.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\ARCHIV~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Archivos de programa\Trend Micro\Internet Security\TmProxy.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Documents and Settings\COGEMINPA  cia\Escritorio\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = V

Pancake
« Reply #1 on: April 23, 2008, 10:39:36 PM »



Please download SDFix from here and save it to your desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any key and it will restart the PC.
When the PC restarts, the Fixtool will run again and complete the removal process, then display Finished. Press any key to end the script and load your desktop icons.
Once the desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Please copy and paste that log in your next reply.

=================================


OK. We need to download ComboFix.exe. This will give a better view of the files running and also hidden on your computer.

Please visit this webpage for download links, and instructions for running ComboFix


When the tool is finished, it will produce a report for you. Please copy and paste the "C:\ComboFix.txt" along with a new 'HijackThis' log so that we can continue to do any further cleaning that your system may require.

Caution: Never run and remove files with ComboFix unless supervised by a qualified security analyst who is experienced in the use of ComboFix. Misuse can cause serious computer problems.

NOTE: ComboFix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know.

An Australian Member of

EDDY
cpaf
« Reply #2 on: April 24, 2008, 08:40:01 PM »


SDFix: Version 1.174
Run by COGEMINPA  cia on 24/04/2008 at 14:57

Microsoft Windows XP [Versi

cpaf
« Reply #3 on: April 24, 2008, 08:41:21 PM »

ComboFix 08-04-22.5 - COGEMINPA  cia 2008-04-24 15:21:23.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.34.3082.18.143 [GMT -5:00]
Se ejecuta desde: C:\Documents and Settings\COGEMINPA  cia\Escritorio\ComboFix.exe
 * Creado un nuevo punto de restauraci

cpaf
« Reply #4 on: April 24, 2008, 08:42:10 PM »

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Archivos de programa\\Messenger\\msmsgs.exe"=
"C:\\Archivos de programa\\Real\\RealPlayer\\realplay.exe"=
"C:\\Archivos de programa\\Outlook Express\\msimn.exe"=
"C:\\Archivos de programa\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Archivos de programa\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\StubInstaller.exe"=
"C:\\Archivos de programa\\LimeWire\\LimeWire.exe"=
"C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"=
"C:\\Archivos de programa\\MSN Messenger\\livecall.exe"=

R3 BLKWGD;Belkin Wireless G Desktop Card Service;C:\WINDOWS\system32\DRIVERS\BLKWGD.sys [2005-06-01 22:37]
R3 wlanndi5;wlanndi5 NDIS Protocol Driver;C:\WINDOWS\system32\wlanndi5.SYS [2004-04-21 17:51]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01ebad02-2baa-11db-ab3d-00115b154c5c}]
\Shell\Auto\command - E:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32ba8bbc-2e37-11dc-ac96-00115b154c5c}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48dcaef2-d1ad-11db-abff-00115b154c5c}]
\Shell\Auto\command - E:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fff4f3c-9773-11dc-ad13-00115b154c5c}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5560ff6f-a644-11db-abb5-0011506f7357}]
\Shell\Auto\command - E:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c892032-78b3-11db-ab7e-00115b154c5c}]
\Shell\Auto\command - E:\fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c52b4a5-619e-11da-809e-00115b154c5c}]
\Shell\Auto\command - E:\adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3123b1a-c383-11dc-ad3c-00115b154c5c}]
\Shell\AutoRun\command - g2p3s.exe
\Shell\explore\Command - g2p3s.exe
\Shell\open\Command - g2p3s.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd429d55-f413-11db-ac49-00115b154c5c}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd429d56-f413-11db-ac49-00115b154c5c}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 15:23:57
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  IMJPMIG8.2 = msime82.exe???.

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 1

**************************************************************************
.
Tiempo completado: 2008-04-24 15:27:32
ComboFix-quarantined-files.txt  2008-04-24 20:27:27

              27 dirs  106,069,512,192 bytes libres
              31 dirs  106,061,266,944 bytes libres

130   --- E O F ---   2007-09-12 20:01:49

cpaf
« Reply #5 on: April 24, 2008, 08:44:12 PM »

This is my new HijackThis, thanks. Is that all?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:50, on 24/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Trend Micro\Internet Security\SfCtlCom.exe
C:\Archivos de programa\Trend Micro\BM\TMBMSRV.exe
C:\Archivos de programa\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CAP3RSK.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Belkin\PCI F5D7000\Wireless Utility\Belkinwcui.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\ARCHIV~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Archivos de programa\Trend Micro\Internet Security\TmProxy.exe
C:\Archivos de programa\Trend Micro\Internet Security\UfUpdUi.exe
C:\Documents and Settings\COGEMINPA  cia\Escritorio\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = V

Pancake
« Reply #6 on: May 01, 2008, 12:48:27 AM »


Before we can carry on with your cleanup we need to install your Recovery Console.
Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System.

Download the file & save it as it's originally named, next to ComboFix.exe.

Now close all open windows and programs, including all antivirus and anti-malware programs, so they do not interfere with the running of ComboFix.
  • Drag the setup package onto ComboFix.exe and drop it.
  • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.
  • At the next prompt, click 'Yes' to run the full ComboFix scan.
  • When the tool is finished, it will produce a report for you.

Please post the C:\ComboFix.txt along with a new HijackThis log for further review.

An Australian Member of

EDDY
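
Added example, not part of the original thread and not ComboFix's own logic: the MountPoints2 section of the ComboFix log in Reply #4 lists the AutoRun shell commands cached per volume in the user's registry hive, and this Python parses that section and notes which launched executables deserve a closer look. The sample is excerpted from that log; the function names `parse_mountpoints2` and `review_notes`, the extension list and the two heuristics are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Excerpt of the MountPoints2 section of the ComboFix log in Reply #4.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c892032-78b3-11db-ab7e-00115b154c5c}]
\Shell\Auto\command - E:\fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3123b1a-c383-11dc-ad3c-00115b154c5c}]
\Shell\AutoRun\command - g2p3s.exe
\Shell\explore\Command - g2p3s.exe
\Shell\open\Command - g2p3s.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd429d55-f413-11db-ac49-00115b154c5c}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
"""

KEY_RE = re.compile(r"^\[.*\\mountpoints2\\(\{[0-9a-f-]+\})\]$", re.I)
VERB_RE = re.compile(r"^\\Shell\\([^\\]+)\\command - (.+)$", re.I)
EXE_RE = re.compile(r"([^\\\s,]+\.exe)\b", re.I)
DOC_EXTS = (".doc", ".xls", ".pdf", ".jpg", ".txt")  # assumed list, extend as needed

def parse_mountpoints2(text):
    """Return (volume GUID, shell verb, launched executable) per log line."""
    entries, guid = [], None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            guid = m.group(1)
        elif guid and (m := VERB_RE.match(line)):
            # The last .exe token is what finally runs, e.g. the argument
            # handed to RunDLL32 ... ShellExec_RunDLL.
            found = EXE_RE.findall(m.group(2))
            target = found[-1].lower() if found else m.group(2).lower()
            entries.append((guid, m.group(1).lower(), target))
    return entries

def review_notes(entries):
    """Map each launched executable to review reasons (illustrative heuristics)."""
    verbs = defaultdict(set)
    for _guid, verb, target in entries:
        verbs[target].add(verb)
    notes = {}
    for target, used in verbs.items():
        reasons = []
        if target[:-4].endswith(DOC_EXTS):
            reasons.append("document-style double extension")
        if used & {"open", "explore"}:
            reasons.append("overrides the open/explore verb")
        notes[target] = reasons
    return notes
```

An empty reason list, as for `launchu3.exe` here, only means neither heuristic fired; it is not a verdict on the file.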