Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Infected


  • Please log in to reply

#1
misscoco

misscoco

    Member

  • Member
  • PipPip
  • 39 posts
Here is my Hi-Jack This Log


Logfile of HijackThis v1.99.1
Scan saved at 11:44, on 06-12-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\WINDOWS\system32\PROMon.exe
C:\WINDOWS\GWMDMMSG.exe
C:\WINDOWS\GWMDMpi.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Wireless LAN\WlanUtil.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\Wireless LAN\WlanUtil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1160690526031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160690505921
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...856/mcfscan.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe

Thanx!!!
  • 0

Advertisements


#2
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
What makes you think you are infected


Download AVG Anti-Spyware from http://www.ewido.net/en/download/ and save that file to your desktop. Note: This is NOT the Anti Virus from AVG.

When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.
1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.
2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
3. On the main screen select the icon "Update" then select the "Update now" link.
o Next select the "Start Update" button. The update will start and a progress bar will show the updates being installed.
4. Once the update has completed, select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
6. Under "Reports"
o Select "Automatically generate report after every scan"
o Un-Select "Only if threats were found"
Close AVG Anti-Spyware. Do Not run a scan just yet, we will run it in safe mode.
1. Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning as it may interfere with the scanning process:
2. Launch AVG Anti-Spyware by double clicking the icon on your desktop.
3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
4. AVG will now begin the scanning process. Please be patient as this may take a little time.
Once the scan is complete, do the following:
5. If you have any infections you will be prompted. Then select "Apply all actions."
6. Next select the "Reports" icon at the top.
7. Select the "Save report as" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved that file. This is important).
8. Close AVG Anti-Spyware and reboot your system back into Normal Mode.
Post the log from AVG and a new HiJack log
  • 0

#3
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
The connection to update keeps failing and as far as why I think my computer is infected my signal for the internet keeps going out and when I actually get on the internet Ikeep get these send erro report messages and then it closes. Also I did a scan with Panda Security 2007 and it keeps telling me I have spyware.
  • 0

#4
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
What is Panda telling you - Run AVG
  • 0

#5
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
It cinnected and here is the log.



---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:17 06-12-11

+ Scan result:



C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022978.exe -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022979.exe -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022980.exe -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022981.exe -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022982.EXE -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022983.exe -> Downloader.Agent.awf : Cleaned.
C:\System Volume Information\_restore{8BD23D28-1E97-4D62-9721-1ED5A8C840B2}\RP181\A0022984.dll -> Logger.BZub.ec : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Courtnie\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end


and here is The High-Jack This Log

Logfile of HijackThis v1.99.1
Scan saved at 20:24, on 06-12-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PROMon.exe
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Wireless LAN\WlanUtil.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\Wireless LAN\WlanUtil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1160690526031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160690505921
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...856/mcfscan.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
  • 0

#6
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
You did not say what Panda found

Turn off restore points, boot, turn them back on – here’s how

http://service1.syma...src=sec_doc_nam
  • 0

#7
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Panda found Spyware in my system and it said it disinfected it but I haven't seen any improvement.
  • 0

#8
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
Where did it find it and what did it find - don't keep me in the dark give me information!
  • 0

#9
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
It found spyware in C:\ Documents and Settings\ Courtnie\. There are different sources of spyware such as Tribalfusion,Trafficplace,Reliable Stats,Casale Media etc. It found them and said that it disinfected some and deleted a few files.
  • 0

#10
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
That is not the full path nor a detailed list

if they are cookies

IE - Block Third party cookies
1. Click on the Tools button on the Internet Explorer tool bar.
2. Highlight and click on Internet options at the bottom of the Tools menu.
3. Select the Privacy Tab of the Internet Options menu.
4. Select the Advanced... button at the bottom of the screen.
5. Select override automatic cookie handling button.
6. To block third party cookies select block under "Third-party cookies".
7. Select "always allow session cookies".
8. Click on the OK button at the bottom of the screen.
===========================
  • 0

Advertisements


#11
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I can not copy and paste or save the report Panda is giving me.
  • 0

#12
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
If they are here

C:\Documents and Settings\Courtnie\Cookies

Then do what I posted but first go to in IE - Tools options - General - delete files


DownLoad EasyCleaner http://www.majorgeek...ownload414.html

Use the clear files and Unnecessary files buttons – I do not recommend
using the Duplicates files button
as many dupes are there on purpose.

Not all files will delete – that is normal.

In the unnecessary button I check the top 4 entries
  • 0

#13
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Name Size Type Modified Attr File version Product version
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla10.tmp 0 TMP File 06-11-17 08:52:54 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla11.tmp 0 TMP File 06-11-17 09:05:26 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla12.tmp 0 TMP File 06-11-17 09:05:30 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla13.tmp 0 TMP File 06-11-17 09:11:14 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla14.tmp 0 TMP File 06-11-17 09:12:42 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla15.tmp 0 TMP File 06-11-17 09:14:54 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla16.tmp 0 TMP File 06-11-10 20:14:14 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla17.tmp 0 TMP File 06-11-10 20:15:22 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla18.tmp 0 TMP File 06-11-17 09:14:56 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla19.tmp 0 TMP File 06-11-17 09:17:32 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1A.tmp 0 TMP File 06-11-17 09:22:24 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1B.tmp 0 TMP File 06-11-17 09:24:38 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1C.tmp 0 TMP File 06-11-17 09:26:40 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1D.tmp 0 TMP File 06-11-17 09:28:52 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1E.tmp 0 TMP File 06-11-17 09:29:40 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla1F.tmp 0 TMP File 06-11-17 09:31:56 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla20.tmp 0 TMP File 06-11-17 09:33:42 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla3.tmp 0 TMP File 06-11-15 15:07:46 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla3F.tmp 0 TMP File 06-11-18 20:39:48 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla5.tmp 0 TMP File 06-12-12 10:18:28 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla7.tmp 0 TMP File 06-12-06 09:13:30 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla8.tmp 0 TMP File 06-12-06 09:18:16 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\fla9.tmp 0 TMP File 06-12-06 09:23:38 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\flaD.tmp 0 TMP File 06-11-17 08:49:08 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\flaE.tmp 0 TMP File 06-11-17 08:51:06 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\flaF.tmp 0 TMP File 06-11-17 08:52:40 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\ypt26.tmp 0 TMP File 06-11-17 14:54:10 A
C:\Program Files\Yahoo!\Messenger\Cache\TdtfPv0hlA3sI3fEpy7ziw--.ProfileMap.dat.tmp 0 TMP File 06-11-28 21:55:40 A
C:\Program Files\Yahoo!\Messenger\Cache\YNEzxxm_Kc84kbcLtsBDWA--.ProfileMap.dat.tmp 0 TMP File 06-12-13 09:27:54 A
C:\WINDOWS\tdprms.tmp 40 TMP File 06-05-15 15:20:52 A
C:\Program Files\Gateway\HPA\SRCDID.TMP 95 TMP File 06-10-02 13:22:00 A
C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.bak 113 BAK File 06-05-11 17:52:28 A
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak 113 BAK File 06-05-11 17:52:28 A
C:\Documents and Settings\Courtnie\Application Data\Microsoft\Internet Explorer\brndlog.bak 141 BAK File 06-05-11 17:52:40 A
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Cache\McSubDB.Bak 477 BAK File 06-05-11 18:56:08 A
C:\Documents and Settings\Courtnie\Recent\~$ackboard Academic Suite.lnk 638 Shortcut 06-12-07 19:26:50 A
C:\Documents and Settings\Courtnie\Application Data\Microsoft\Office\Recent\~$ackboard Academic Suite.LNK 825 Shortcut 06-12-07 19:26:46 A
C:\Documents and Settings\Courtnie\.limewire\fileurns.bak 909 BAK File 06-05-11 19:48:46 A
C:\WINDOWS\imsins.BAK 1374 BAK File 06-12-04 08:14:04 A
C:\WINDOWS\security\logs\scecomp.old 1458 OLD File 06-10-31 21:51:02 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\TMP3D.tmp 2224 TMP File 06-11-18 19:11:50 A
C:\WINDOWS\system32\CONFIG.TMP 2577 TMP File 01-08-30 04:30:00
C:\Documents and Settings\Courtnie\Incomplete\downloads.bak 4832 BAK File 06-12-12 21:23:18 A
C:\WINDOWS\REGLOCS.OLD 8192 OLD File 06-05-11 17:55:30 A
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk 8192 Recovered File Fragments 06-12-13 09:33:02 A
C:\WINDOWS\system32\CatRoot2\edb.chk 8192 Recovered File Fragments 06-12-12 19:21:32 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRS0000.tmp 15942 TMP File 06-12-09 11:02:20 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF1DC4.tmp 16384 TMP File 06-12-11 14:06:58 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF317D.tmp 16384 TMP File 06-12-08 09:44:20 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF4C6B.tmp 16384 TMP File 06-11-07 18:38:20 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF66E9.tmp 16384 TMP File 06-11-02 07:47:02 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF781C.tmp 16384 TMP File 06-11-02 19:36:24 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF958A.tmp 16384 TMP File 06-12-06 09:20:30 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF95C8.tmp 16384 TMP File 06-12-08 11:54:20 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF9772.tmp 16384 TMP File 06-12-04 08:21:54 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DF9A8D.tmp 16384 TMP File 06-11-10 20:03:00 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFA233.tmp 16384 TMP File 06-11-28 08:20:14 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFAC40.tmp 16384 TMP File 06-11-15 09:00:36 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFC68C.tmp 16384 TMP File 06-12-12 19:20:04 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFCE3A.tmp 16384 TMP File 06-12-03 20:39:40 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFCF30.tmp 16384 TMP File 06-11-18 18:17:14 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFD6A3.tmp 16384 TMP File 06-11-05 09:37:02 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFE657.tmp 16384 TMP File 06-11-15 09:58:08 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFF1FE.tmp 16384 TMP File 06-12-03 20:50:14 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~DFFA44.tmp 16384 TMP File 06-11-17 18:44:54 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRF0000.tmp 16384 TMP File 06-12-07 19:15:04 A
C:\WINDOWS\inf\mplayer2.bak 18755 BAK File 01-08-30 04:30:00 A
C:\WINDOWS\001220_.tmp 19274 TMP File 02-06-14 19:46:14 A
C:\WINDOWS\003560_.tmp 19528 TMP File 04-07-17 12:40:22 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRD0000.doc 27214 Microsoft Word Document 06-12-07 19:27:00 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRD0001.doc 30309 Microsoft Word Document 06-12-07 19:23:56 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRS0003.tmp 31380 TMP File 06-12-12 11:51:30 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRS0001.tmp 33280 TMP File 06-12-07 19:27:48 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\~WRS0002.tmp 56832 TMP File 06-12-07 19:26:18 A
C:\WINDOWS\msagent\SET40.tmp 57344 TMP File 06-10-12 08:02:52 A 2.00.0.3424 2.00.0.3424
C:\WINDOWS\system32\dllcache\SET44.tmp 57344 TMP File 06-10-12 08:02:52 A 2.00.0.3424 2.00.0.3424
C:\WINDOWS\Minidump\Mini070706-01.dmp 65536 DMP File 06-07-07 14:48:32 A
C:\WINDOWS\Minidump\Mini080206-01.dmp 65536 DMP File 06-08-02 21:58:28 A
C:\Program Files\WinBudget\bin\crap.1165527952.old 70424 OLD File 06-12-07 15:45:52 A
C:\WINDOWS\system32\SET42.tmp 115200 TMP File 06-10-16 04:21:48 5.1.2600.3016 (xpsp_sp2_gdr.061016-0148) 5.1.2600.3016
C:\WINDOWS\PCHEALTH\HELPCTR\Config\Cache\Personal_32_1033.dat.bak 142860 BAK File 06-10-16 07:48:22 A
C:\Documents and Settings\Courtnie\Local Settings\Temp\101D6D.dmp 186066 DMP File 06-11-01 21:16:06 A
C:\WINDOWS\system32\SET4D.tmp 332288 TMP File 06-08-17 06:28:28 A 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106) 5.1.2600.2976
C:\WINDOWS\system32\SET7.tmp 474112 TMP File 06-09-14 02:39:54 A 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) 6.00.2900.2995
C:\WINDOWS\system32\SET6.tmp 613888 TMP File 06-09-14 02:39:56 A 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) 6.00.2900.2995
C:\WINDOWS\system32\SET5.tmp 658944 TMP File 06-09-14 02:39:56 A 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) 6.00.2900.2995
C:\WINDOWS\system32\SETC.tmp 3054592 TMP File 06-09-14 02:39:52 A 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) 6.00.2900.2995
C:\WINDOWS\{00000002-00000000-00000001-00001102-00000004-00581102}.BAK 3207333 BAK File 06-09-06 18:55:46 A
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\MshConf\sc12.bin.tmp 12760039 TMP File 06-10-31 21:56:36 A
  • 0

#14
MFDnSC

MFDnSC

    Banned

  • Banned
  • PipPipPipPip
  • 1,137 posts
DownLoad EasyCleaner http://www.majorgeek...ownload414.html

Use the clear files and Unnecessary files buttons – I do not recommend
using the Duplicates files button
as many dupes are there on purpose.

Not all files will delete – that is normal.

In the unnecessary button I check the top 4 entries
===============

Posat a new hijack log
  • 0

#15
misscoco

misscoco

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Logfile of HijackThis v1.99.1
Scan saved at 16:07, on 06-12-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\WINDOWS\system32\PROMon.exe
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Wireless LAN\WlanUtil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\Wireless LAN\WlanUtil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1160690526031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160690505921
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...856/mcfscan.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP