Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

My Pc Is Deading!

Options
puma512
puma512
in Malware talk

Hi


I cursed son at a virus. The PC turns and a few seconds after you turn off and so on continuously.


I managed to start only with UBCD4windows Ultimate Boot CD for Windows * if someone can serve, can be found here http://www.ubcd4win.com/ and enough free download, and CD Burning in the pc does not go over the place and he is alone.


And so doing I managed to run the hijack and the result and this>


Scuse me 4 my bad english...ok?


Logfile of Trend Micro HijackThis v2.0.0 (BETA)


Scan saved at 17.34.45, on 21/11/08


Platform: Windows XP SP2 (WinNT 5.01.2600)


Boot mode: Normal


Running processes:


X:\I386\system32\csrss.exe


X:\I386\system32\services.exe


X:\I386\system32\lsass.exe


X:\I386\system32\svchost.exe


X:\Programs\Nu2Menu\nu2menu.exe


X:\programs\geoshell\GEOSHELL.EXE


X:\I386\system32\svchost.exe


X:\I386\system32\svchost.exe


X:\PROGRAMS\Firefox\firefox.exe


X:\PROGRAMS\xplorer2\xplorer2.exe


B:\UBCD4Win User Settings\Administrator\My Documents\HiJackThis_v2.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank


F2 - REG:system.ini: Shell=preshell.exe


O13 - DefaultPrefix:


O13 - WWW Prefix:


O13 - Home Prefix:


O13 - Mosaic Prefix:


O13 - FTP Prefix:


O13 - Gopher Prefix:


O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)


O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)


O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)


O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)


O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)


O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - X:\I386\System32\browseui.dll


O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - X:\I386\System32\browseui.dll


O23 - Service: AntiVir Personal Scheduler (AntiVirScheduler) - Unknown owner - B:\AntiVir\sched.exe (file missing)


O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - X:\I386\System32\msdtc.exe (file missing)


O23 - Service: Virtual Disk Service (vds) - Unknown owner - X:\I386\System32\vds.exe (file missing)


--


End of file - 1916 bytes


In attesa di gia ringrazio a chi si offre ad aiutarmi.


Marcello

Comments

  • alexcrist
    alexcrist
    Options

    HijackThis only provides valuable and usable information only if it is used from within the infected operating system. If used from another operating system (such as UBCD4Windows), the log of HijackThis is totally useless, as it doesn't provide any information whatsoever about the infected system.


    So, in simple words... the log that you posted doesn't offer any clues related to your problem.


    Try running your system in SafeMode (reboot, press F8 multiple times until the Boot Menu appears, and select SafeMode). Then maybe the system can start and you can run HijackThis correctly. If you can, post that log.


    Cris.

All Time Leaders

Categories

Defenders of the month