Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

!HELP RED DANGER SPYWARE DESKTOP HELP!

Started by Dragon-X , Apr 01 2005 07:19 AM

  • Please log in to reply

#1
Dragon-X
Posted 01 April 2005 - 07:19 AM

Dragon-X

    New Member

  • Member
  • Pip
  • 2 posts
:tazz: My desktop has been changed to a red thing with a square in the centre: DANGER:SPYWARE and 2 links to buy a product....i've seen sum1 who had this to but i cant update WinXP because its not a legal version....i need this mess of my computer please ;)



Logfile of HijackThis v1.99.1
Scan saved at 15:17:35, on 1/04/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Visual TimeAnalyzer\tbaction.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\Opa.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Dragon-X\Mijn documenten\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2sea...sidesearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.playtoday.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TBAction] C:\Program Files\Visual TimeAnalyzer\tbaction.exe
O4 - HKLM\..\Run: [csrs] C:\WINDOWS\System32\csrs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Ssg] C:\WINDOWS\Opa.exe
O4 - HKLM\..\Run: [Qkg] C:\WINDOWS\Fuh.exe
O4 - HKLM\..\Run: [Trr] C:\WINDOWS\Adu.exe
O4 - HKLM\..\Run: [Iji] C:\WINDOWS\Ome.exe
O4 - HKLM\..\Run: [Oag] C:\WINDOWS\Jev.exe
O4 - HKLM\..\Run: [Kmd] C:\WINDOWS\System32\Kna.exe
O4 - HKLM\..\Run: [Qta] C:\WINDOWS\System32\Gub.exe
O4 - HKLM\..\Run: [Bqf] C:\WINDOWS\Pci.exe
O4 - HKLM\..\Run: [Mnn] C:\WINDOWS\Icn.exe
O4 - HKLM\..\Run: [Nmh] C:\WINDOWS\Fku.exe
O4 - HKLM\..\Run: [Qvk] C:\WINDOWS\End.exe
O4 - HKLM\..\Run: [Pot] C:\WINDOWS\Lmb.exe
O4 - HKLM\..\Run: [Ibj] C:\WINDOWS\System32\Sqs.exe
O4 - HKLM\..\Run: [Hpb] C:\WINDOWS\Pva.exe
O4 - HKLM\..\Run: [Clg] C:\WINDOWS\System32\Elj.exe
O4 - HKLM\..\Run: [Mdm] C:\WINDOWS\System32\Onn.exe
O4 - HKLM\..\Run: [Ubo] C:\WINDOWS\System32\Aov.exe
O4 - HKLM\..\Run: [Rlu] C:\WINDOWS\System32\Kkk.exe
O4 - HKLM\..\Run: [Uun] C:\WINDOWS\System32\Rps.exe
O4 - HKLM\..\Run: [Cqr] C:\WINDOWS\Joh.exe
O4 - HKLM\..\Run: [Dae] C:\WINDOWS\System32\Lgb.exe
O4 - HKLM\..\Run: [Ppp] C:\WINDOWS\System32\Oaf.exe
O4 - HKLM\..\Run: [Jtq] C:\WINDOWS\System32\Kci.exe
O4 - HKLM\..\Run: [Ois] C:\WINDOWS\Dgo.exe
O4 - HKLM\..\Run: [Nbe] C:\WINDOWS\System32\Rcp.exe
O4 - HKLM\..\Run: [Aij] C:\WINDOWS\System32\Ntj.exe
O4 - HKLM\..\Run: [Dnd] C:\WINDOWS\System32\Iei.exe
O4 - HKLM\..\Run: [Umb] C:\WINDOWS\System32\Hec.exe
O4 - HKLM\..\Run: [Ucs] C:\WINDOWS\Fif.exe
O4 - HKLM\..\Run: [Tsq] C:\WINDOWS\Dms.exe
O4 - HKLM\..\Run: [Hqr] C:\WINDOWS\Vuk.exe
O4 - HKLM\..\Run: [Oci] C:\WINDOWS\System32\Qmb.exe
O4 - HKLM\..\Run: [Jrb] C:\WINDOWS\Rfr.exe
O4 - HKLM\..\Run: [Fkl] C:\WINDOWS\System32\Ltg.exe
O4 - HKLM\..\Run: [Jtb] C:\WINDOWS\System32\Vhb.exe
O4 - HKLM\..\Run: [Qmk] C:\WINDOWS\System32\Irk.exe
O4 - HKLM\..\Run: [Lds] C:\WINDOWS\System32\Lve.exe
O4 - HKLM\..\Run: [Rnc] C:\WINDOWS\System32\Chd.exe
O4 - HKLM\..\Run: [Kvm] C:\WINDOWS\Aca.exe
O4 - HKLM\..\Run: [Sop] C:\WINDOWS\System32\Coc.exe
O4 - HKLM\..\Run: [Pma] C:\WINDOWS\System32\Djf.exe
O4 - HKLM\..\Run: [Oql] C:\WINDOWS\System32\Tej.exe
O4 - HKLM\..\Run: [Lhl] C:\WINDOWS\Oqa.exe
O4 - HKLM\..\Run: [Inu] C:\WINDOWS\Plf.exe
O4 - HKLM\..\Run: [Jgk] C:\WINDOWS\Ctq.exe
O4 - HKLM\..\Run: [Pnj] C:\WINDOWS\System32\Krd.exe
O4 - HKLM\..\Run: [Rmv] C:\WINDOWS\Jdn.exe
O4 - HKLM\..\Run: [Gcq] C:\WINDOWS\Idm.exe
O4 - HKLM\..\Run: [Ffo] C:\WINDOWS\System32\Man.exe
O4 - HKLM\..\Run: [Cro] C:\WINDOWS\Jgn.exe
O4 - HKLM\..\Run: [Njq] C:\WINDOWS\System32\Lvp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Gbs] C:\WINDOWS\Qgm.exe
O4 - HKCU\..\Run: [Big] C:\WINDOWS\System32\Gvv.exe
O4 - HKCU\..\Run: [Ntk] C:\WINDOWS\System32\Rhg.exe
O4 - HKCU\..\Run: [Ctg] C:\WINDOWS\Oja.exe
O4 - HKCU\..\Run: [Cfm] C:\WINDOWS\Hov.exe
O4 - HKCU\..\Run: [Pib] C:\WINDOWS\Toa.exe
O4 - HKCU\..\Run: [Dsv] C:\WINDOWS\Jei.exe
O4 - HKCU\..\Run: [Ama] C:\WINDOWS\Tva.exe
O4 - HKCU\..\Run: [Fiq] C:\WINDOWS\Djg.exe
O4 - HKCU\..\Run: [Fmm] C:\WINDOWS\Paf.exe
O4 - HKCU\..\Run: [Cmm] C:\WINDOWS\Lke.exe
O4 - HKCU\..\Run: [Vpe] C:\WINDOWS\System32\Tba.exe
O4 - HKCU\..\Run: [Jge] C:\WINDOWS\System32\Dov.exe
O4 - HKCU\..\Run: [Qkg] C:\WINDOWS\Fuh.exe
O4 - HKCU\..\Run: [Trr] C:\WINDOWS\Adu.exe
O4 - HKCU\..\Run: [Iji] C:\WINDOWS\Ome.exe
O4 - HKCU\..\Run: [Rap] C:\WINDOWS\Aja.exe
O4 - HKCU\..\Run: [Itl] C:\WINDOWS\Udp.exe
O4 - HKCU\..\Run: [Mln] C:\WINDOWS\Rlf.exe
O4 - HKCU\..\Run: [Hdm] C:\WINDOWS\Eto.exe
O4 - HKCU\..\Run: [Oag] C:\WINDOWS\Jev.exe
O4 - HKCU\..\Run: [Kmd] C:\WINDOWS\System32\Kna.exe
O4 - HKCU\..\Run: [Qta] C:\WINDOWS\System32\Gub.exe
O4 - HKCU\..\Run: [Bqf] C:\WINDOWS\Pci.exe
O4 - HKCU\..\Run: [Mnn] C:\WINDOWS\Icn.exe
O4 - HKCU\..\Run: [Nmh] C:\WINDOWS\Fku.exe
O4 - HKCU\..\Run: [Qvk] C:\WINDOWS\End.exe
O4 - HKCU\..\Run: [Pot] C:\WINDOWS\Lmb.exe
O4 - HKCU\..\Run: [Ibj] C:\WINDOWS\System32\Sqs.exe
O4 - HKCU\..\Run: [Hpb] C:\WINDOWS\Pva.exe
O4 - HKCU\..\Run: [Clg] C:\WINDOWS\System32\Elj.exe
O4 - HKCU\..\Run: [Mdm] C:\WINDOWS\System32\Onn.exe
O4 - HKCU\..\Run: [Ubo] C:\WINDOWS\System32\Aov.exe
O4 - HKCU\..\Run: [Rlu] C:\WINDOWS\System32\Kkk.exe
O4 - HKCU\..\Run: [Uun] C:\WINDOWS\System32\Rps.exe
O4 - HKCU\..\Run: [Cqr] C:\WINDOWS\Joh.exe
O4 - HKCU\..\Run: [Dae] C:\WINDOWS\System32\Lgb.exe
O4 - HKCU\..\Run: [Ppp] C:\WINDOWS\System32\Oaf.exe
O4 - HKCU\..\Run: [Jtq] C:\WINDOWS\System32\Kci.exe
O4 - HKCU\..\Run: [Ois] C:\WINDOWS\Dgo.exe
O4 - HKCU\..\Run: [Nbe] C:\WINDOWS\System32\Rcp.exe
O4 - HKCU\..\Run: [Aij] C:\WINDOWS\System32\Ntj.exe
O4 - HKCU\..\Run: [Dnd] C:\WINDOWS\System32\Iei.exe
O4 - HKCU\..\Run: [Umb] C:\WINDOWS\System32\Hec.exe
O4 - HKCU\..\Run: [Ucs] C:\WINDOWS\Fif.exe
O4 - HKCU\..\Run: [Tsq] C:\WINDOWS\Dms.exe
O4 - HKCU\..\Run: [Hqr] C:\WINDOWS\Vuk.exe
O4 - HKCU\..\Run: [Oci] C:\WINDOWS\System32\Qmb.exe
O4 - HKCU\..\Run: [Jrb] C:\WINDOWS\Rfr.exe
O4 - HKCU\..\Run: [Fkl] C:\WINDOWS\System32\Ltg.exe
O4 - HKCU\..\Run: [Jtb] C:\WINDOWS\System32\Vhb.exe
O4 - HKCU\..\Run: [Qmk] C:\WINDOWS\System32\Irk.exe
O4 - HKCU\..\Run: [Lds] C:\WINDOWS\System32\Lve.exe
O4 - HKCU\..\Run: [Rnc] C:\WINDOWS\System32\Chd.exe
O4 - HKCU\..\Run: [Kvm] C:\WINDOWS\Aca.exe
O4 - HKCU\..\Run: [Sop] C:\WINDOWS\System32\Coc.exe
O4 - HKCU\..\Run: [Pma] C:\WINDOWS\System32\Djf.exe
O4 - HKCU\..\Run: [Oql] C:\WINDOWS\System32\Tej.exe
O4 - HKCU\..\Run: [Lhl] C:\WINDOWS\Oqa.exe
O4 - HKCU\..\Run: [Inu] C:\WINDOWS\Plf.exe
O4 - HKCU\..\Run: [Jgk] C:\WINDOWS\Ctq.exe
O4 - HKCU\..\Run: [Pnj] C:\WINDOWS\System32\Krd.exe
O4 - HKCU\..\Run: [Rmv] C:\WINDOWS\Jdn.exe
O4 - HKCU\..\Run: [Gcq] C:\WINDOWS\Idm.exe
O4 - HKCU\..\Run: [Ffo] C:\WINDOWS\System32\Man.exe
O4 - HKCU\..\Run: [Cro] C:\WINDOWS\Jgn.exe
O4 - HKCU\..\Run: [Njq] C:\WINDOWS\System32\Lvp.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Color Calibration.lnk = C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MagicTune3.5.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1095948809745
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamesp...nch/alaunch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: f3dsl - lsd_f3.dll (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  • 0

Advertisements

#2
Dragon-X
Posted 01 April 2005 - 07:23 AM

Dragon-X

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
:tazz: ow yeah and my right-click function is disabled and all my icons are gone ;)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP