Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware I think

Started by bbadaboum , Oct 14 2005 11:06 AM

  • Please log in to reply

#1
bbadaboum
Posted 14 October 2005 - 11:06 AM

bbadaboum

    New Member

  • Member
  • Pip
  • 3 posts
[font=Arial][size=7] PLEASE CAN SOMEONE HELP ME FO THE SECOND TIME???

I have 3 computers at home.
Mine is independent and works fine with BitDefender 8.

The other 2 were connected until July p.p (Sebastien and Catherine).

Sebastien's computer had a virus (message alerts all the time, slower and blocking after entering the internet) and I've decided to copy all it's files into Catherine's computer. After copying the files, I disconnected these 2 computers and proceeded formatting Sebastien's computer hard drive. The problems kept on going when I discovered geekstogo were I was advised to do some downloads of hijack, cleanup, killbox and ewido. Although I don't think that it is totally solved on that computer, I can now be on the internet for as long as I want.

Because I copied the files into Catherine's computer (how stupid of me) I then injected the problem into her computer. After doing in her computer the same I did in Sebastien's computer the final result was null. It keeps having message alerts, slows down and blocking after entering the internet. So I've decided once more to contact you to solve this issue.

SO I’M SENDING YOU SEBASTIEN’S HIJACKTHIS LOG for you to tell me if there is something else I can do on his computer
SEBASTIEN'S COMPUTER
Logfile of HijackThis v1.99.1
Scan saved at 16:07:34, on 29-09-2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\csrs.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programas\Softwin\BitDefender8\bdmcon.exe
C:\Programas\Softwin\BitDefender8\bdoesrv.exe
C:\Programas\Softwin\BitDefender8\bdnagent.exe
C:\Programas\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programas\Messenger\msmsgs.exe
C:\Programas\Softwin\BitDefender8\vsserv.exe
C:\Documents and Settings\Kete\Ambiente de trabalho\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [BDMCon] C:\Programas\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Programas\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Programas\Softwin\BitDefender8\vsserv.exe
O23 - Service: Windows Time Sync (wservtime) - Unknown owner - C:\WINDOWS\csrs.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe

And

CATHERINE’S HIJACKTHIS LOG with it’s present problems to solve
CATHERINE'S COMPUTER
Logfile of HijackThis v1.99.1
Scan saved at 15:50:14, on 14-10-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\Programas\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Catarina\Ambiente de trabalho\HijackThis.exe
C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programas\Softwin\BitDefender8\bdmcon.exe
C:\Programas\Softwin\BitDefender8\bdoesrv.exe
C:\Programas\Softwin\BitDefender8\bdnagent.exe
C:\Programas\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\System32\ctfmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [BDMCon] C:\Programas\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Programas\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1129295710878
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Programas\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe


As you can easily guess, I’m not a professional, but I do understand some things about computers.

P L E A S E H E L P M E

P.S. The 2 computers belong to my children, one of them beeing a 14 years boy, and although with BitDefender installed, My guess is He got the virus visiting Sites... You know. :tazz:

Edited by bbadaboum, 17 October 2005 - 07:14 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP