savgbst
2008-10-21, 23:05
OK, looks like some one dowloaded somethign on to our workstation computer. you guys will have to say things in potatoe head, because I'm a computer retard, but I'm all we've got. I downloaded and ran the Hijakthis thing, and heres the log. as soon as i post this im going to reboot in safe mode and sun spybot as per your instructions. sorry to make you deal with thte slow of wit. thanks for help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:00 PM, on 10/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\progra~1\opentech\ipAdminSvc.exe
C:\progra~1\opentech\otSiteLinkManager.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\sitelink\SiteLink.exe
C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
c:\progra~1\opentech\otStorageSvr.exe
C:\Program Files\SiteLink\SiteLink.exe
C:\Program Files\Active-Charge\active-charge.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\elkgrove\Desktop\HiJackThis.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:00 PM, on 10/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\progra~1\opentech\ipAdminSvc.exe
C:\progra~1\opentech\otSiteLinkManager.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\sitelink\SiteLink.exe
C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
c:\progra~1\opentech\otStorageSvr.exe
C:\Program Files\SiteLink\SiteLink.exe
C:\Program Files\Active-Charge\active-charge.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\elkgrove\Desktop\HiJackThis.exe