infected with m658cap8

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

vaumatt

Thread Starter
Joined
Sep 19, 2007
Messages
2
StartupList report, 3/28/2008, 6:51:32 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Maxtor\Utils\SyncServices.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2005 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\psimsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE
C:\Program Files\Compaq\EAB\EABSERVR.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\advanced system optimizer\memtuneup.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Belkin\Cardbus F5D701F\Wireless Utility\Belkinwcui.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavBckPT.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Belkin Wireless G Notebook Card Client Utility.lnk = ?
hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SCANINICIO = "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
APVXDWIN = "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe
eabconfg.cpl = C:\Program Files\Compaq\EAB\EABSERVR.EXE /Start
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
WinVNC = "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

PANDA ANTISPAM SERVER SERVICE = "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
Systweak Memory Optimizer = c:\program files\advanced system optimizer\memtuneup.exe
SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
RoboForm = "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
PC Suite Tray = "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll - {724d43a9-0d85-11d4-9908-00400523e39a}
(no name) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
(no name) - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files\Windows Live Toolbar\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job
Basic clean-up.job
Check Updates for Windows Live Toolbar.job
FRU Task #Hewlett-Packard#hp officejet 6100 series#1191707269.job

--------------------------------------------------

Enumerating Download Program Files:

[vzTCPConfig]
CODEBASE = http://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
OSD = C:\WINDOWS\Downloaded Program Files\OSD22.OSD

[Support.com Configuration Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlcm.dll
CODEBASE = https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[YInstStarter Class]
InProcServer32 = C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll

[PictureItLauncher Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\DigWebX2.dll
CODEBASE = http://photos.msn.com/resources/neutral/controls/DigWebX2.cab

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173587992130

[ExentInf Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ExentCtl.ocx

[NanoInstaller Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\NanoInst.dll
CODEBASE = http://www.nanoscan.com/cabs/nanoinst.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Downloads\ProtInfo\Prevent.sig


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
End of report, 9,522 bytes
Report generated in 0.100 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Please help get rid of this annoyance.