Critical system error - virus alert spam? [RESOLVED]

Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!

> Geeks to Go! » Security » Virus, Spyware and Trojan Removal

Critical system error - virus alert spam? [RESOLVED], OHPE ver.4.12_23/Spyware??

Options

spice_of_life View Member Profile	Apr 30 2006, 03:44 PM Post #1
New Member Posts: 6 OS: WINXP	Hi... Picked something up from the net but cant seem to isolate it. On my taskbar i have an icon that oscilates between a no entry sign and a green disabled person sign. Every few minites or so a blue dialogue box pops up in the lower right hand corner and tells me my computer is infected and there is virus activity present.It prompts me to log on to the net to various antimal software websites which i am reluctant to follow in case of a scam. Also I am get an annoying system message (glashing exclamation mark in the taskbar), saying the PC has been infected with OHPE ver.4.12_23/Spyware/else. Upon clicking it, it opens an ad of some antispy software or [bleep] popup. My webpage has changed to www.theguardservices.com and no matter what i do i cant remove that as my homepage. I have scanned my computer with Microsoft antispyware and also downloaded Panda antivirus just to make sure i dont have any virus...but nothing helped. I am getting tons of popups if i leave my computer on and also my comcast broadband stopped workin...right now im using my wireless connection. I don't know what to do! PLEASE HELP SOON! here is my hijack log.... Logfile of HijackThis v1.99.1 Scan saved at 5:37:24 PM, on 4/30/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe C:\WINDOWS\system32\sdpasvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\WINDOWS\system32\Fmctrl.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Everstrike Software\Folder Crypto Password\fppservice.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE C:\Program Files\AIM\aim.exe C:\Program Files\Messenger\Msmsgs.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe C:\WINDOWS\system32\BelkinMonitor.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\atmclk.exe C:\Program Files\Internet Explorer\iexplore.exe C:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hp4EC7.tmp O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file) O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [FCPAgent] C:\Program Files\Everstrike Software\Folder Crypto Password\fppservice.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Belkin 11Mbps Wireless Desktop Network Card Monitor.lnk = C:\WINDOWS\system32\BelkinMonitor.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing) O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing) O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing) O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107657806525 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...749/mcfscan.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\system32\sdpasvc.exe

Posts in this topic

spice_of_life Critical system error - virus alert spam? [RESOLVED] Apr 30 2006, 03:44 PM

__RiP_ChAiN_ Hello, spice_of_life. Do not buy any products tha... Apr 30 2006, 03:48 PM

spice_of_life SmitFraudFix v2.37 Scan done at 17:52:10.39, Sun ... Apr 30 2006, 03:53 PM

__RiP_ChAiN_ Hello, spice_of_life. You should print out these ... Apr 30 2006, 03:59 PM

spice_of_life SmitFraudFix v2.37 Scan done at 18:31:16.12, Sun ... Apr 30 2006, 04:47 PM

__RiP_ChAiN_ Hello, spice_of_life. Your HijackThis log is now ... Apr 30 2006, 05:50 PM

spice_of_life QUOTE(__RiP_ChAiN_ @ Apr 30 2006, 05:50 P... Apr 30 2006, 06:21 PM

__RiP_ChAiN_ Hello, spice_of_life. Thank you for the kinds wo... Apr 30 2006, 06:27 PM

__RiP_ChAiN_ Since this issue appears to be resolved ... this T... Apr 30 2006, 06:27 PM

« Next Oldest · Virus, Spyware and Trojan Removal · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies / Views	Topic Information
Virus, Spyware and Trojan Removal "Virus Alert" [RESOLVED]	6 / 518	24th March 2006 - 10:56 PM sylvesterstein started - last by loophole
Virus, Spyware and Trojan Removal Weird System Error with Ad-aware [RESOLVED]	9 / 1,164	4th April 2006 - 06:45 AM Thrice909 started - last by Rawe
Virus, Spyware and Trojan Removal "critical system error" spyware... zeno [RESOLVED]	4 / 1,160	26th April 2006 - 11:56 PM surfpunk started - last by Daemon
Virus, Spyware and Trojan Removal Critical System Error! (is it bogus?) [RESOLVED]	15 / 1,267	24th October 2006 - 06:49 PM newONpc started - last by Buckeye_Sam