Strange Behaviour
-
Strange Behaviour
Hi all,
i have a strange problem (for me) for a couple of days now. The one is i cant stop panda services even as admin but i guess i can rid of it by uninstalling it manually. The other is that when i minimize a window it minimizes in the desktop and not in the taskbar. (like old windows did..). In addition some times during shutdown pop ups a Centinel VxD cant terminate window. I ve checked with Ad aware, spybot s&d, trend micro online scan. Also the hijack logfile looks ok to me. But i have no much experience on analyzing such logs..
Any suggestions?
thanks in advance,
Cheers
// Here is the hijack this log
// -----------------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:49:13 μμ, on 27/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\WebProxy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MAFWTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Downz\hijackthis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [MAFWTaskbarApp] C:\WINDOWS\System32\MAFWTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1154283504328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1156079030218
O17 - HKLM\System\CCS\Services\Tcpip\..\{3220F67F-FBD6-4BAA-A442-69A575F69EF6}: NameServer = 195.170.0.2,195.170.2.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: GFI LANguard N.S.S. Scheduled Scans Service (lnss_sscans) - GFI Software Ltd. - C:\Program Files\GFI\LANguard Network Security Scanner 3\sscansvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-
i fresh installed windows (sp1) and when i installed sp2 then this (the minimize thing) started again.
What the $@(?
-
Welcome,
I don't really know what to tell you but we can do some scans and see if something turns up but may not be a malware problem. Log looks ok.
Download and install
Ewido anti-spyware
4.0 (uninstall any previous version first).- Click the Download BUTTON. On the next page click the
Download now BUTTON. - Save and then install (Run) from the save location.
- Open/Run ewido anti-spyware
- Wait a few moments and Ewido should Auto update itself (note date of last
update). If it doesn't update, click the update ICON at top of
screen:
- Click on the Update now LINK at the top of the window
- Click on the Start update button
- Wait for the update to download and install
- This is very important to get the LATEST
updates
- Click on the Status ICON
- Under "Your computers Security"
Click change status on Resident shield to inactive
(ONLY consider activation of that feature once you are
clean)
- Click on the Scanner ICON at the top of the window
- Click on the Settings tab then select Recommended Actions
and choose Quarantine
Close ALL open Windows / Programs / Folders. Please start
Ewido, and run a full scan:
- Click on the default Status ICON and select
the Scan now LINK.
OR
- Click on the Scanner ICON . Select the Scan
TAB.
- Select Complete System Scan. Ewido will now begin to scan your
system.
- If Ewido finds anything it will list them in the Preview WINDOW:
- Make sure that Set all elements to: shows
Quarantine, if not click on the link and choose
Quarantine from the popup menu. - Select Apply all actions at the bottom of the window (and the
items found will be quarantined - and recoverable, if any items are needed
back).
- When the scan has completed, click on the Save Scan Report button
and save the scan to your Desktop where it can be easily found. - Copy and paste the EWIDO scan results into your next
post. - Close Ewido.
Download Silent runners.Vbs post the log it creates please
http://www.silentrunners.org/sr_scriptuse.html click yes to the suplimentry searchs
Wait until there is a All Done message !!, Then open and post the log next to it.
Your antivirus script protection might interfear or alert, please allow it to run after a bit box will say done.
-
First of all, tnx for your reply. I dont think its a malware issue, because it does the same thing after a fresh install with nothing but the drivers. (and only after the SP2 installation).
I dunno.. 
-
I would take it to a local shop and let them worry with it.
Newbie
