Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

desktop wall paper hijacked

Started by jatw , May 15 2005 10:26 AM

  • Please log in to reply

#1
jatw
Posted 15 May 2005 - 10:26 AM

jatw

    New Member

  • Member
  • Pip
  • 5 posts
Real quick my wall paper is a solid color and formerly displayed a "Windows has detected Spyware" on it. I cant change my wall paper and every post seems case specific. Please let me know what i need to post in order to resolve this. I have run all programs suggested on the main forum page for hijacks. Any help appreciated. thank you! :tazz:
here is my hijack this stuff as well.
Logfile of HijackThis v1.99.1
Scan saved at 12:43:08 PM, on 5/15/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exeAttached File  Scan_report_20050515.txt.txt   3.66KB   154 downloads
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\MSN\MSNCoreFiles\MSN.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\jim cole\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.startsear...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.startsearches.net/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.startsear...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.startsear...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.startsear...earch.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.startsearches.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: Shell=Explorer.exe, msmsgs.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CAILI - Unknown owner - C:\WINDOWS\System32\caili.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

Edited by jatw, 15 May 2005 - 10:39 AM.

  • 0

Advertisements

#2
jatw
Posted 15 May 2005 - 10:48 AM

jatw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
anyone?
  • 0

#3
jatw
Posted 15 May 2005 - 11:38 AM

jatw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hmmmmmmmmmmmm :tazz:
  • 0

#4
Dr. Zoltar
Posted 15 May 2005 - 02:34 PM

Dr. Zoltar

    New Member

  • Member
  • Pip
  • 4 posts
Don't worry. It may take a day or two for someone to respond with an answer, but someone will respond. I'm having the same problem with a friend's PC. A trojian downloaded a hijacker and now IE won't connect to any sites and the wallpaper feature, along with icons, of the desktop will no longer display.

The people here helped me with another friend's PC and their advice was right on the money.
  • 0

#5
jatw
Posted 15 May 2005 - 03:04 PM

jatw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I tried everything....I just reformatted Windows again.....if there is a way to never get this to happen again that would be great.
  • 0

#6
Dr. Zoltar
Posted 15 May 2005 - 04:23 PM

Dr. Zoltar

    New Member

  • Member
  • Pip
  • 4 posts
Did reformatting fix the issue?

I use on my own computer a combination of Ad-Aware, Spybot, Microsoft's Anti-Spyware Program, and Norton's Anti-virus. All of them except Norton are free. It has kept my home PC virus free, but you must update them weekly to be effective.

My two family friend's PCs that have become infected didn't keep their anti-virus programs updated. They also didn't install MS patches when they came out. Not doing either of these is an invitation for hackers to take over your PC. They rely on people not installing hot fixes or patches to do damage. And our media does a great job informing them when a flaw in the OS has been found. :tazz:

Also, I have found that most trojans come from either adult sites or crackz sites. Just be careful where you click.
  • 0

#7
jatw
Posted 16 May 2005 - 07:43 PM

jatw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
lol yes this came from an adult site but it was from an email......unfortunetly the trojan virus crept up before I could shut it down, actually i played video games for a while,.....however, the assumtion is true, unfortunetly. However, yes reformating did fix the problem I, unfortunetly, did reformat and downloaded all my old programs so everything is fine. I did buy, before i got this virus, macafee and a firewall....just disapointing that this didnt do anything to help. I do thank you for atleast submitting a reply and will certainly delete any future email that i deem notorious! Good luck everyone hope you dont have to do what I did and will continue to be a memeber here. to check out any new info!!!!!
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP