
Malware/Fake Antivirus software/Computer running slow...

Discussion in 'Virus & Other Malware Removal' started by greg2020, Apr 15, 2010.

Thread Status:
Not open for further replies.
    greg2020 Thread Starter

    I was watching some streaming video when I think some very nasty and intensive malware got onto my computer. The worst is this fake shield that popped up in my tray from which a fake virus scanner would spring up. I'm also getting prompts to download and buy various things. Certain browsers aren't working. My Task Manager is full of tons of processes that are clearly fake like iexplarar. I'm nervous about even shutting down my computer because of what I won't have access to. I've run malware ATFCleaner to clear my cache and then ran Malwarebytes Anti-Malware and Spybot Search and Destroy. Here is my current HijackThis log. I've run it a few times but some of the things present won't go away.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:26:04 PM, on 4/14/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\lsass.exe
    C:\Documents and Settings\Caitlin Feltes\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Caitlin Feltes\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\taskmgr.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\system.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\winlogon.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\services.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\csrss.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\svchost.exe
    C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\spoolsv.exe
    C:\Documents and Settings\Caitlin Feltes\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Caitlin Feltes\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Caitlin Feltes\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O2 - BHO: C:\WINDOWS\system32\gzp8xcc.dll - {A9BA40A1-74F1-52BD-F431-00B15A2C8953} - C:\WINDOWS\system32\gzp8xcc.dll
    O4 - HKLM\..\Run: [Bzihul] rundll32.exe "C:\WINDOWS\eligifop.dll",Startup
    O4 - HKCU\..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] C:\DOCUME~1\CAITLI~1\LOCALS~1\Temp\spoolsv.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O22 - SharedTaskScheduler: hasiufhiusdfjdhfudd - {A9BA40A1-74F1-52BD-F431-00B15A2C8953} - C:\WINDOWS\system32\gzp8xcc.dll
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

    --
    End of file - 3095 bytes
     