Jump to content

HopeLess

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

Reputation

0 Neutral
  1. HopeLess
    Okay...Well i am posting the same info again over from another posting...I am a computer dune or the most part so i hope i did all that was instructed under my last message. I am posting again the log that Highjack this created. I attempted to run the "analyze this" however i am prompted with a message prompting me that the program has encountered a problem and must shut down. As mentioned in the topic title...the computer in question is part of a larger company network. A company that does NOT have an IT dept or furnish its employees with virus protection of any kind. I am desperate to solve this issue and bring my computer back to a safe ops level. Please review the below post that was created by Highjack this and let me know what i need to do next. **Be advised: I am a layman at this so please take that into consideration when taking time to reply. Consider your efforts to be a huge display of charity and good point with whomever for your soul.....*** I appreciate any and all efforts offered up by the members here. Thank you. HL Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:28:39 AM, on 1/8/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nfscsrv.exe C:\PROGRA~1\TUN\COMMON\ESLCBCST.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\winscenter.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\TUN\tcpw\walld32.exe C:\Program Files\TUN\TCPW\wportm32.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\TUN\contain\EskCntr.exe C:\WINDOWS\explorer.exe C:\WINDOWS\9129837.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\blopez\LOCALS~1\Temp\system.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.windowsupdate.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\Software\..\Telephony: DomainName = national.com O17 - HKLM\System\CCS\Services\Tcpip\..\{FB4F4534-EAC6-4015-926B-013AA460046E}: NameServer = 10.101.1.2,12.127.16.67 O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS5\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS6\Services\Tcpip\Parameters: Domain = national.com O20 - AppInit_DLLs: yypawh.dll O21 - SSODL: ieModule - {FF2A707D-FE50-4EB6-BA52-2FD7111BF5D0} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll O21 - SSODL: InternetConnection - {C4490069-4043-4377-8B8E-C87162C9F7D7} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\hfiyknaexd.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Esker License Control (EskerLicenseControl) - Esker - C:\PROGRA~1\TUN\COMMON\ESLCBCST.EXE O23 - Service: Esker FTPD (ftpds) - Esker - C:\PROGRA~1\TUN\TCPW\WFTPDSNT.EXE O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Esker LPD (lpds) - Esker - C:\PROGRA~1\TUN\TCPW\WLPDSNT.EXE O23 - Service: Esker NFSD (nfsds) - Esker - C:\PROGRA~1\TUN\TCPW\WNFSDSNT.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PC Tools Auxiliary Service (sdauxservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdcoreservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: Esker NFS, Network Provider (TunNfsNP) - Unknown owner - C:\WINDOWS\system32\nfscsrv.exe -- End of file - 8076 bytes
  2. HopeLess
    Help me PLEASE!!!!! My computer is going bananas. Every minute or so i getting pop-up windows from web sites i have not opened, or alarms from Avast telling me that my computer is infected with worms, trojans etc etc. I have been scanning through things on the web and i noticed that everyone has posted a Highjack this report. Please see below and take me through this....i am no IT expert or even novice for that matter. I'm just a regular someone who has been rendered hopeless by these problems. Please Help. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:28:39 AM, on 1/8/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nfscsrv.exe C:\PROGRA~1\TUN\COMMON\ESLCBCST.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\winscenter.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\TUN\tcpw\walld32.exe C:\Program Files\TUN\TCPW\wportm32.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\TUN\contain\EskCntr.exe C:\WINDOWS\explorer.exe C:\WINDOWS\9129837.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\blopez\LOCALS~1\Temp\system.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.windowsupdate.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\Software\..\Telephony: DomainName = national.com O17 - HKLM\System\CCS\Services\Tcpip\..\{FB4F4534-EAC6-4015-926B-013AA460046E}: NameServer = 10.101.1.2,12.127.16.67 O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS5\Services\Tcpip\Parameters: Domain = national.com O17 - HKLM\System\CS6\Services\Tcpip\Parameters: Domain = national.com O20 - AppInit_DLLs: yypawh.dll O21 - SSODL: ieModule - {FF2A707D-FE50-4EB6-BA52-2FD7111BF5D0} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll O21 - SSODL: InternetConnection - {C4490069-4043-4377-8B8E-C87162C9F7D7} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\hfiyknaexd.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Esker License Control (EskerLicenseControl) - Esker - C:\PROGRA~1\TUN\COMMON\ESLCBCST.EXE O23 - Service: Esker FTPD (ftpds) - Esker - C:\PROGRA~1\TUN\TCPW\WFTPDSNT.EXE O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Esker LPD (lpds) - Esker - C:\PROGRA~1\TUN\TCPW\WLPDSNT.EXE O23 - Service: Esker NFSD (nfsds) - Esker - C:\PROGRA~1\TUN\TCPW\WNFSDSNT.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PC Tools Auxiliary Service (sdauxservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdcoreservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: Esker NFS, Network Provider (TunNfsNP) - Unknown owner - C:\WINDOWS\system32\nfscsrv.exe -- End of file - 8076 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.