Help - Sophus Says I've Got Mal/Generic-A. Here's My HijackThis Logfile If It Helps

I have been through several rounds of emails with ZA support but they don't know either. With the block in place I had no Event Viewer logon attempts showing up. The Description is Internet. And another: 60.190.113.9.

The Default setting is either a deny or ask. Check if you have insecure applications with Secunia Software Inspector. Also, you note that you believe you are under a DoS attack. The Action is Allow.

Please post this log in your next reply. My name is Adam and I will be assisting you with getting the malware off of your computer. The previous advice will lock the svchost in and no more funny business will happen again.

Open the Alerts and Log of the ZA. Having 12 chrome windows open and ****ing bloatware Skype isn't affecting speed positively either. In both cases the connections once established very often need to allow inbound connections from the dns and dhcp server, thus the server right for the svchost. The Description is DNS.

It's just me. The port 135 is now closed off to port scans. Unfortunately, it seems the virus was able to do some damage during the time it took to scan, because a fake virus software window appeared on screen before I could do

When I changed it, ZA gave me big warning not to change a system program. I have both Internet and Trusted Zones set to HIGH. Please perform the following scan: Download DDS by sUBs from one of the following links. The Track is Log.

The online problems I'm having are pop ups which say; non responsive script, on yahoo shockwave player has stopped working and something to do with javascript on Hotmail or inbox.com I believe. JavaScript is built But there is something else funny going on, since the port is shown as open. Fine.

Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23

I have no logon ID, no PPPoE.

Weird. The Action is BLOCK. In the Protocol, select the TCP&UDP and Description is TCP and UDP and both the Destination and Source Ports are Any. Fourth Rank will be like this: The Rank is 4.

D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk

Along with SpywareInfo, it was one of the first places to offer online malware removal training in its Classroom.

Antivirus    Version      Last Update   Result
a-squared    4.0.0.101    2009.05.20    -
AhnLab-V3    5.0.0.2      2009.05.19    -
AntiVir      7.9.0.168    2009.05.19    -
Antiy-AVL    2.0.3.1      2009.05.19    -
Authentium   5.1.2.4      2009.05.19    -
Avast        4.8.1335.0   2009.05.19    -
AVG

Thanks in advance for any help. There are several dozen other IP addresses hitting 135 other than the two Asian ones I posted so I'm just blocking 135 completely. I've learned a lot as well. GRC reports that the default ZoneAlarm Pro configuration leaves port 135 OPEN!

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run:

The IP address hardly ever changes. I also see messages like this that are very concerning.

Update it. 3. This is one: 61.188.38.185. Post the results here. Virus, spyware scans clean, GRC shows all ports stealth although I had to put a rule in ZA Pro to close port 135 first.

Keep replying to my posts until I give you the All Clean message. ;) If you don't reply within five days after my last instructions this topic will be closed. Isn't that what a firewall is supposed to do? Cheers, Oldsod

ronsmeyer, February 12th, 2008, 04:54 PM
Okay, thanks for the help you guys.