Jump to content

Is there still a problem?


hobby3
 Share

Recommended Posts

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:24:32, on 07/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe

C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 3.5\BHR3.5.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Orange\Systray\SystrayApp.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Orange\Launcher\Launcher.exe

C:\Program Files\Orange\connectivity\connectivitymanager.exe

C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe

C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe

C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe

C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bsi.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fen

Link to post
Share on other sites

Where is your MBAM log and what issue are you having?

Hello,

Here it is, I update it regularly like all my programs and I use CCleaner. It did't find anything. Yesterday it did: rogue installer in my Program.files, I deleted it. Then I scanned again. Antivir didn't find anything either, so didn't Spybot search and destroy.

Thank you in advance.

hobby3

Malwarebytes' Anti-Malware 1.33

Version de la base de donn

Link to post
Share on other sites

Before scanning I turnt off the System Restore and after it I turnt it on again.

Before scanning I put on my computer with a button number F8, as they say we should do when cleaning and to be sure the malware is not active.

Now I have no problems with my computer, it works normally. I am very careful, I never forget to update my programs. But I like surfing, I use Firefox. So I sometimes or quite rarely have some spywares, one or two.

Thank you for your answer.

hobby3

Link to post
Share on other sites

  • Root Admin

I'll close your post soon so that other don't post into it and leave you with this information and suggestions.

So how did I get infected in the first place?

At this time your system appears to be clean. Nothing else in the logs indicates that you are still infected.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore-VISTA

This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore-Vista

  • Click the
    Vista/Start
    icon.
  • Right Click >> Computer

  • Click
    Properties
    .

  • Click the
    System Protection tab
    .

  • Uncheck
    All drives

  • Click "Turn Off System Restore" at the prompt then click "Apply".

  • Restart your computer.

Turn ON System Restore-Vista

  • Click the
    Vista/Start
    icon
  • Right Click >> Computer

  • Click
    Properties
    .

  • Click the
    System Protection tab
    .

  • Checkmark All drives
    that were selected previously then click "Apply".

This will remove all restore points except the new one you just created.

Here are some free programs I recommend that could help you improve your computer's security.

(Vista users, you must ensure that any program versions downloaded are Vista compatible
BEFORE
installing)

Install SpyWare Blaster

Download it from
here

Find here the tutorial on how to use Spyware Blaster
here

Install WinPatrol

Download it from
here

Here you can find information about how WinPatrol works
here

Install FireTrust SiteHound

You can find information and download it from
here

Install hpHosts

Download it from
here

hpHosts is a community managed and maintained hosts file that allows an additional layer of protection against access to ad,

tracking and malicious websites. This prevents your computer from connecting to these untrusted sites

by redirecting them to 127.0.0.1 which is your own local computer.

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.

You can use one of these sites to check if any updates are needed for your pc.

Enable automatic Windows Update on your system in Control Panel, or at least manually scan each week for updates.

The windows firewall is not sufficient to protect your system. It doesn't monitor outgoing traffic well and this is a must. I recommend
Comodo Firewall Pro

A little outdated but good reading on

how to prevent Malware

Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you.

The fixes and advice in this thread are for this machine only. Do not apply to your machine unless you
Fully Understand

how these programs work and what you're doing. Please start a thread of your own and someone will be happy to help you, just follow the Pre-Hijackthis instructions found here before posting
Pre- HJT Post Instructions

Also don't forget that we offer
FREE
assistance with General PC questions and repair here
PC Help

If you're pleased with the product
Malwarebytes
and the service provided you, please let your friends, family, and co-workers know.
http://www.malwarebytes.org

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.