Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Please Help With Red Danger Spyware Background

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 2 posts
My background has been hijacked with the Red Danger Spyware screen. Many of my icon are missing as well. I have ran all the spyware programs and a virus scan. Thanks to anybody who has the time to help me out. Here is my Hijack This Log:

Logfile of HijackThis v1.99.1
Scan saved at 6:20:52 PM, on 3/30/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\New Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Hoover\LOCALS~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Hoover\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B18CF986-DE82-4149-9DA1-111CD9C330BF} - C:\WINDOWS\System32\amak.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [Quf] C:\WINDOWS\System32\Mnn.exe
O4 - HKLM\..\Run: [Qpk] C:\WINDOWS\System32\Sml.exe
O4 - HKLM\..\Run: [Lso] C:\WINDOWS\System32\Oem.exe
O4 - HKLM\..\Run: [Odo] C:\WINDOWS\System32\Qtp.exe
O4 - HKLM\..\Run: [Nap] C:\WINDOWS\System32\Nhe.exe
O4 - HKLM\..\Run: [Bne] C:\WINDOWS\System32\Dno.exe
O4 - HKLM\..\Run: [Kpd] C:\WINDOWS\System32\Muk.exe
O4 - HKLM\..\Run: [Vrt] C:\WINDOWS\System32\Cts.exe
O4 - HKLM\..\Run: [Gfj] C:\WINDOWS\System32\Ipq.exe
O4 - HKLM\..\Run: [Ons] C:\WINDOWS\System32\Hot.exe
O4 - HKLM\..\Run: [Bck] C:\WINDOWS\System32\Bdl.exe
O4 - HKLM\..\Run: [Ttr] C:\WINDOWS\System32\Etc.exe
O4 - HKLM\..\Run: [Las] C:\WINDOWS\System32\Unu.exe
O4 - HKLM\..\Run: [Tif] C:\WINDOWS\System32\Fbp.exe
O4 - HKLM\..\Run: [Ora] C:\WINDOWS\System32\Sfn.exe
O4 - HKLM\..\Run: [Rnh] C:\WINDOWS\System32\Afs.exe
O4 - HKLM\..\Run: [Dlv] C:\WINDOWS\System32\Tvf.exe
O4 - HKLM\..\Run: [Mnn] C:\WINDOWS\System32\Hvu.exe
O4 - HKLM\..\Run: [Ejn] C:\WINDOWS\System32\Aoj.exe
O4 - HKLM\..\Run: [Rkq] C:\WINDOWS\System32\Mit.exe
O4 - HKLM\..\Run: [Cun] C:\WINDOWS\System32\Oqp.exe
O4 - HKLM\..\Run: [Fcm] C:\WINDOWS\System32\Dcp.exe
O4 - HKLM\..\Run: [Ehb] C:\WINDOWS\System32\Tfp.exe
O4 - HKLM\..\Run: [Umh] C:\WINDOWS\System32\Trq.exe
O4 - HKLM\..\Run: [Sdv] C:\WINDOWS\System32\Bfg.exe
O4 - HKLM\..\Run: [Aji] C:\WINDOWS\System32\Tse.exe
O4 - HKLM\..\Run: [Moo] C:\WINDOWS\System32\Urn.exe
O4 - HKLM\..\Run: [Ccq] C:\WINDOWS\System32\Ovg.exe
O4 - HKLM\..\Run: [Plo] C:\WINDOWS\System32\Kiq.exe
O4 - HKLM\..\Run: [Lmp] C:\WINDOWS\System32\Blt.exe
O4 - HKLM\..\Run: [Aoq] C:\WINDOWS\System32\Bbl.exe
O4 - HKLM\..\Run: [Juh] C:\WINDOWS\System32\Fve.exe
O4 - HKLM\..\Run: [Rkc] C:\WINDOWS\System32\Pcg.exe
O4 - HKLM\..\Run: [addiv32.exe] C:\WINDOWS\addiv32.exe
O4 - HKLM\..\Run: [Mev] C:\WINDOWS\System32\Ipc.exe
O4 - HKLM\..\Run: [Kkr] C:\WINDOWS\System32\Tlc.exe
O4 - HKLM\..\Run: [Vts] C:\WINDOWS\System32\Hgo.exe
O4 - HKLM\..\Run: [Adi] C:\WINDOWS\System32\Nbb.exe
O4 - HKLM\..\Run: [Jbn] C:\WINDOWS\System32\Upg.exe
O4 - HKLM\..\Run: [Nrk] C:\WINDOWS\System32\Gqo.exe
O4 - HKLM\..\Run: [Ibc] C:\WINDOWS\System32\Rbq.exe
O4 - HKLM\..\Run: [Utk] C:\WINDOWS\System32\Tvd.exe
O4 - HKLM\..\Run: [Bbo] C:\WINDOWS\System32\Mqp.exe
O4 - HKLM\..\Run: [Ucv] C:\WINDOWS\System32\Roh.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Edu] C:\WINDOWS\Nfk.exe
O4 - HKLM\..\Run: [Use] C:\WINDOWS\Mgd.exe
O4 - HKLM\..\Run: [Orr] C:\WINDOWS\System32\Frb.exe
O4 - HKLM\..\Run: [Pcg] C:\WINDOWS\Rll.exe
O4 - HKLM\..\Run: [Nnf] C:\WINDOWS\System32\Fqa.exe
O4 - HKLM\..\Run: [Kmp] C:\WINDOWS\System32\Tmr.exe
O4 - HKLM\..\Run: [Ner] C:\WINDOWS\Uoe.exe
O4 - HKLM\..\Run: [Qlt] C:\WINDOWS\System32\Ndr.exe
O4 - HKLM\..\Run: [Efn] C:\WINDOWS\Pjr.exe
O4 - HKLM\..\Run: [Lri] C:\WINDOWS\System32\Tlj.exe
O4 - HKLM\..\Run: [Ask] C:\WINDOWS\Laa.exe
O4 - HKLM\..\Run: [Eqq] C:\WINDOWS\Cks.exe
O4 - HKLM\..\Run: [Ndj] C:\WINDOWS\Gec.exe
O4 - HKLM\..\Run: [Bcd] C:\WINDOWS\Ehr.exe
O4 - HKLM\..\Run: [Tlj] C:\WINDOWS\System32\Ini.exe
O4 - HKLM\..\Run: [Esv] C:\WINDOWS\Tsd.exe
O4 - HKLM\..\Run: [Mvl] C:\WINDOWS\System32\Gqt.exe
O4 - HKLM\..\Run: [Pfe] C:\WINDOWS\Eop.exe
O4 - HKLM\..\Run: [Ncl] C:\WINDOWS\System32\Imj.exe
O4 - HKLM\..\Run: [Npa] C:\WINDOWS\System32\Air.exe
O4 - HKLM\..\Run: [Kie] C:\WINDOWS\System32\Rsg.exe
O4 - HKLM\..\Run: [Fsb] C:\WINDOWS\System32\Lgn.exe
O4 - HKLM\..\Run: [Tkh] C:\WINDOWS\System32\Jbn.exe
O4 - HKLM\..\Run: [Sve] C:\WINDOWS\System32\Qck.exe
O4 - HKLM\..\Run: [Otf] C:\WINDOWS\System32\Vbb.exe
O4 - HKLM\..\Run: [Qmu] C:\WINDOWS\System32\Kkl.exe
O4 - HKLM\..\Run: [Aff] C:\WINDOWS\Rft.exe
O4 - HKLM\..\Run: [Ctl] C:\WINDOWS\System32\Mrh.exe
O4 - HKLM\..\Run: [Haf] C:\WINDOWS\Eea.exe
O4 - HKLM\..\Run: [Uti] C:\WINDOWS\Qqf.exe
O4 - HKLM\..\Run: [Bsb] C:\WINDOWS\System32\Qrn.exe
O4 - HKLM\..\Run: [Hic] C:\WINDOWS\System32\Jgv.exe
O4 - HKLM\..\Run: [Npe] C:\WINDOWS\Cur.exe
O4 - HKLM\..\Run: [Dlo] C:\WINDOWS\Hqe.exe
O4 - HKLM\..\Run: [Oja] C:\WINDOWS\System32\Fbv.exe
O4 - HKLM\..\Run: [Dup] C:\WINDOWS\System32\Qek.exe
O4 - HKLM\..\Run: [Sov] C:\WINDOWS\System32\Fon.exe
O4 - HKLM\..\Run: [Lva] C:\WINDOWS\Uht.exe
O4 - HKLM\..\Run: [Ovu] C:\WINDOWS\Abk.exe
O4 - HKLM\..\Run: [Kqf] C:\WINDOWS\Sbd.exe
O4 - HKLM\..\Run: [Ojp] C:\WINDOWS\Pau.exe
O4 - HKLM\..\Run: [Enf] C:\WINDOWS\System32\Fjj.exe
O4 - HKLM\..\Run: [Age] C:\WINDOWS\Mrh.exe
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Cul] C:\WINDOWS\Olo.exe
O4 - HKLM\..\Run: [Lhq] C:\WINDOWS\System32\Upg.exe
O4 - HKLM\..\Run: [Gpv] C:\WINDOWS\Lcr.exe
O4 - HKLM\..\Run: [Tpp] C:\WINDOWS\Oft.exe
O4 - HKLM\..\Run: [Tcg] C:\WINDOWS\Bqk.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Hoover\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\RunOnce: [mszi32.exe] C:\WINDOWS\mszi32.exe
O4 - HKLM\..\RunOnce: [mcupdmgr.exe] c:\PROGRA~1\mcafee.com\agent\mcupdmgr.exe -regserver
O4 - HKCU\..\Run: [Quf] C:\WINDOWS\System32\Mnn.exe
O4 - HKCU\..\Run: [x3yy] C:\WINDOWS\System32\x3yy\jkahmgam.exe
O4 - HKCU\..\Run: [Qpk] C:\WINDOWS\System32\Sml.exe
O4 - HKCU\..\Run: [Lso] C:\WINDOWS\System32\Oem.exe
O4 - HKCU\..\Run: [Odo] C:\WINDOWS\System32\Qtp.exe
O4 - HKCU\..\Run: [Nap] C:\WINDOWS\System32\Nhe.exe
O4 - HKCU\..\Run: [Bne] C:\WINDOWS\System32\Dno.exe
O4 - HKCU\..\Run: [Kpd] C:\WINDOWS\System32\Muk.exe
O4 - HKCU\..\Run: [Vrt] C:\WINDOWS\System32\Cts.exe
O4 - HKCU\..\Run: [Gfj] C:\WINDOWS\System32\Ipq.exe
O4 - HKCU\..\Run: [Ons] C:\WINDOWS\System32\Hot.exe
O4 - HKCU\..\Run: [Bck] C:\WINDOWS\System32\Bdl.exe
O4 - HKCU\..\Run: [Ttr] C:\WINDOWS\System32\Etc.exe
O4 - HKCU\..\Run: [Las] C:\WINDOWS\System32\Unu.exe
O4 - HKCU\..\Run: [Tif] C:\WINDOWS\System32\Fbp.exe
O4 - HKCU\..\Run: [Ora] C:\WINDOWS\System32\Sfn.exe
O4 - HKCU\..\Run: [Rnh] C:\WINDOWS\System32\Afs.exe
O4 - HKCU\..\Run: [Dlv] C:\WINDOWS\System32\Tvf.exe
O4 - HKCU\..\Run: [Mnn] C:\WINDOWS\System32\Hvu.exe
O4 - HKCU\..\Run: [Ejn] C:\WINDOWS\System32\Aoj.exe
O4 - HKCU\..\Run: [Rkq] C:\WINDOWS\System32\Mit.exe
O4 - HKCU\..\Run: [Cun] C:\WINDOWS\System32\Oqp.exe
O4 - HKCU\..\Run: [Fcm] C:\WINDOWS\System32\Dcp.exe
O4 - HKCU\..\Run: [Ehb] C:\WINDOWS\System32\Tfp.exe
O4 - HKCU\..\Run: [Umh] C:\WINDOWS\System32\Trq.exe
O4 - HKCU\..\Run: [Sdv] C:\WINDOWS\System32\Bfg.exe
O4 - HKCU\..\Run: [Aji] C:\WINDOWS\System32\Tse.exe
O4 - HKCU\..\Run: [Moo] C:\WINDOWS\System32\Urn.exe
O4 - HKCU\..\Run: [Ccq] C:\WINDOWS\System32\Ovg.exe
O4 - HKCU\..\Run: [Plo] C:\WINDOWS\System32\Kiq.exe
O4 - HKCU\..\Run: [Lmp] C:\WINDOWS\System32\Blt.exe
O4 - HKCU\..\Run: [Aoq] C:\WINDOWS\System32\Bbl.exe
O4 - HKCU\..\Run: [Juh] C:\WINDOWS\System32\Fve.exe
O4 - HKCU\..\Run: [Rkc] C:\WINDOWS\System32\Pcg.exe
O4 - HKCU\..\Run: [Mev] C:\WINDOWS\System32\Ipc.exe
O4 - HKCU\..\Run: [Kkr] C:\WINDOWS\System32\Tlc.exe
O4 - HKCU\..\Run: [Vts] C:\WINDOWS\System32\Hgo.exe
O4 - HKCU\..\Run: [Adi] C:\WINDOWS\System32\Nbb.exe
O4 - HKCU\..\Run: [Jbn] C:\WINDOWS\System32\Upg.exe
O4 - HKCU\..\Run: [Nrk] C:\WINDOWS\System32\Gqo.exe
O4 - HKCU\..\Run: [Ibc] C:\WINDOWS\System32\Rbq.exe
O4 - HKCU\..\Run: [Utk] C:\WINDOWS\System32\Tvd.exe
O4 - HKCU\..\Run: [Bbo] C:\WINDOWS\System32\Mqp.exe
O4 - HKCU\..\Run: [Ucv] C:\WINDOWS\System32\Roh.exe
O4 - HKCU\..\Run: [Edu] C:\WINDOWS\Nfk.exe
O4 - HKCU\..\Run: [Use] C:\WINDOWS\Mgd.exe
O4 - HKCU\..\Run: [Orr] C:\WINDOWS\System32\Frb.exe
O4 - HKCU\..\Run: [Pcg] C:\WINDOWS\Rll.exe
O4 - HKCU\..\Run: [Nnf] C:\WINDOWS\System32\Fqa.exe
O4 - HKCU\..\Run: [Kmp] C:\WINDOWS\System32\Tmr.exe
O4 - HKCU\..\Run: [Ner] C:\WINDOWS\Uoe.exe
O4 - HKCU\..\Run: [Qlt] C:\WINDOWS\System32\Ndr.exe
O4 - HKCU\..\Run: [Efn] C:\WINDOWS\Pjr.exe
O4 - HKCU\..\Run: [Lri] C:\WINDOWS\System32\Tlj.exe
O4 - HKCU\..\Run: [Ask] C:\WINDOWS\Laa.exe
O4 - HKCU\..\Run: [Eqq] C:\WINDOWS\Cks.exe
O4 - HKCU\..\Run: [Ndj] C:\WINDOWS\Gec.exe
O4 - HKCU\..\Run: [Bcd] C:\WINDOWS\Ehr.exe
O4 - HKCU\..\Run: [Tlj] C:\WINDOWS\System32\Ini.exe
O4 - HKCU\..\Run: [Esv] C:\WINDOWS\Tsd.exe
O4 - HKCU\..\Run: [Mvl] C:\WINDOWS\System32\Gqt.exe
O4 - HKCU\..\Run: [Pfe] C:\WINDOWS\Eop.exe
O4 - HKCU\..\Run: [Ncl] C:\WINDOWS\System32\Imj.exe
O4 - HKCU\..\Run: [Npa] C:\WINDOWS\System32\Air.exe
O4 - HKCU\..\Run: [Kie] C:\WINDOWS\System32\Rsg.exe
O4 - HKCU\..\Run: [Fsb] C:\WINDOWS\System32\Lgn.exe
O4 - HKCU\..\Run: [Tkh] C:\WINDOWS\System32\Jbn.exe
O4 - HKCU\..\Run: [Sve] C:\WINDOWS\System32\Qck.exe
O4 - HKCU\..\Run: [Otf] C:\WINDOWS\System32\Vbb.exe
O4 - HKCU\..\Run: [Qmu] C:\WINDOWS\System32\Kkl.exe
O4 - HKCU\..\Run: [Aff] C:\WINDOWS\Rft.exe
O4 - HKCU\..\Run: [Ctl] C:\WINDOWS\System32\Mrh.exe
O4 - HKCU\..\Run: [Haf] C:\WINDOWS\Eea.exe
O4 - HKCU\..\Run: [Uti] C:\WINDOWS\Qqf.exe
O4 - HKCU\..\Run: [Bsb] C:\WINDOWS\System32\Qrn.exe
O4 - HKCU\..\Run: [Hic] C:\WINDOWS\System32\Jgv.exe
O4 - HKCU\..\Run: [Npe] C:\WINDOWS\Cur.exe
O4 - HKCU\..\Run: [Dlo] C:\WINDOWS\Hqe.exe
O4 - HKCU\..\Run: [Oja] C:\WINDOWS\System32\Fbv.exe
O4 - HKCU\..\Run: [Dup] C:\WINDOWS\System32\Qek.exe
O4 - HKCU\..\Run: [Sov] C:\WINDOWS\System32\Fon.exe
O4 - HKCU\..\Run: [Lva] C:\WINDOWS\Uht.exe
O4 - HKCU\..\Run: [Ovu] C:\WINDOWS\Abk.exe
O4 - HKCU\..\Run: [Kqf] C:\WINDOWS\Sbd.exe
O4 - HKCU\..\Run: [Ojp] C:\WINDOWS\Pau.exe
O4 - HKCU\..\Run: [Enf] C:\WINDOWS\System32\Fjj.exe
O4 - HKCU\..\Run: [Age] C:\WINDOWS\Mrh.exe
O4 - HKCU\..\Run: [Cul] C:\WINDOWS\Olo.exe
O4 - HKCU\..\Run: [Lhq] C:\WINDOWS\System32\Upg.exe
O4 - HKCU\..\Run: [Gpv] C:\WINDOWS\Lcr.exe
O4 - HKCU\..\Run: [Tpp] C:\WINDOWS\Oft.exe
O4 - HKCU\..\Run: [Tcg] C:\WINDOWS\Bqk.exe
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...76/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,16/mcgdmgr.cab
O18 - Filter: text/html - {ACAE6C9C-A809-4C87-AE44-500DC331867B} - C:\WINDOWS\System32\amak.dll
O18 - Filter: text/plain - {ACAE6C9C-A809-4C87-AE44-500DC331867B} - C:\WINDOWS\System32\amak.dll
O23 - Service: Network Security Service (NSS) ( 11F#`I) - Unknown owner - C:\WINDOWS\ieve.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  • 0




    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Pretty Please!!!
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP