Jump to content

Marshall

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi, I am looking for any help possible regarding the following issues: I am getting tons of pop up messages about spybot@mxt being on my computer, I am also getting what i guess are non-trend micro alerts from networm-i.virus@fp, trojan-spy.win32@mx, and sw.x-vir trojan, but those alerts just lead to "bestseller antivirus" pop up ads. Spybot and Trend Micro are showing me new spyware to delete every day. My explorer.exe is often using up the computer even when Im not doing anything. Trend Micro also detects a Trojan in my \local settings\temp folder which i manually delete each time i see it. I also have a "security toolbar" on my internet explorer which i did not install (and i have not added new programs lately) and hijackthis will not let me fix that. Even now I am getting tons of security alerts in my windows toolbar regarding spyware. here is my hijack this log. Any help at all would be greatly appreciated! Please and thank you! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:05:17 PM, on 11/4/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\taskmgr.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PCCMAIN.EXE C:\PROGRA~1\TRENDM~1\INTERN~1\PccHCMS.exe C:\Program Files\Outlook Express\MSIMN.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Installs\HiJackThis2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.go.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll (file missing) O2 - BHO: (no name) - {32E40498-D86D-4838-856A-8D6E1E6AC0F4} - C:\WINDOWS\System32\qomkl.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\System32\golnkblx.dll O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (file missing) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\System32\golnkblx.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\RunOnce: [spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [spybotDeletingA3171] command /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingC1719] cmd /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingA7169] command /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll" O4 - HKLM\..\RunOnce: [spybotDeletingC3593] cmd /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll" O4 - HKCU\..\RunOnce: [spybotDeletingB4539] command /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll_old" O4 - HKCU\..\RunOnce: [spybotDeletingD8093] cmd /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll_old" O4 - HKCU\..\RunOnce: [spybotDeletingB3957] command /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll" O4 - HKCU\..\RunOnce: [spybotDeletingD9687] cmd /c del "C:\WINDOWS\SYSTEM32\golnkblx.dll" O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O20 - Winlogon Notify: golnkblx - C:\WINDOWS\SYSTEM32\golnkblx.dll O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe -- End of file - 4728 bytes ~1\tmproxy.exe
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.