Hello,

my computer has gone berserk since last weekend. Popups keep coming out in IE (recently in Mozilla too, which is the browser I always use).
At times a window saying that the page I'm offline and I can't access IE (I'm not trying to do so, I don't use IE), then if I click keep disconnected a pop up comes out, or more and more windows start coming up (47, 48 and growing- have to restart the computer for it to stop).

I have an antivirus: Panda Global Protection 2008, I've downloaded AdAware, but neither seem able to solve the problem.

I had to reinstall my antivirus a few days ago because it became disactivaded (along with Windows Security) and there was no way of reactiviting (windows security is still not working.)


I've run the Hijackthis scan... I hope someone can help me, please. Thanks:)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:29:39, on 21/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\TPSrv.exe
C:\ARCHIVOS DE PROGRAMA\PANDA SECURITY\PANDA GLOBAL PROTECTION 2009\WebProxy.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PsCtrls.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
C:\Archivos de programa\Archivos comunes\Panda Security\PavShld\pavprsrv.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PsImSvc.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PskSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\pavsrv51.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
c:\archivos de programa\panda security\panda global protection 2009\firewall\PSHOST.EXE
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\ApvxdWin.exe
C:\Archivos de programa\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Telefonica\Kit ADSL USB\DSLMON.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\Archivos de programa\FinePixViewerS\QuickDCF2.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Archivos de programa\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\SRVLOAD.EXE
C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PavBckPT.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\WinRAR\WinRAR.exe
C:\DOCUME~1\PROPIE~1\CONFIG~1\Temp\Rar$EX87.578\Hi jackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP United States - Computers, Laptops, Servers, Printers and more (http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HP United States - Computers, Laptops, Servers, Printers and more (http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = HP United States - Computers, Laptops, Servers, Printers and more (http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = HP United States - Computers, Laptops, Servers, Printers and more (http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP United States - Computers, Laptops, Servers, Printers and more (http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop)
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O4 - HKLM\.. \Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\.. \Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\.. \Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\.. \Run: [iTunesHelper] C:\Archivos de programa\iTunes\iTunesHelper.exe
O4 - HKLM\.. \Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\.. \Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\.. \Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\.. \Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\.. \Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\.. \Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\.. \Run: [UpdateManager] "c:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\.. \Run: [AgenteADSL_15] C:\Archivos de programa\Telefonica\KitAIM\AimExDll.exe AimGestA.dll 4
O4 - HKLM\.. \Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\.. \Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\.. \Run: [APVXDWIN] "C:\Archivos de programa\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s
O4 - HKLM\.. \Run: [SCANINICIO] "C:\Archivos de programa\Panda Security\Panda Global Protection 2009\Inicio.exe"
O4 - HKLM\.. \Run: [742a6c25] rundll32.exe "C:\WINDOWS\system32\odyolsmw.dll",b
O4 - HKCU\.. \Run: [FreeRAM XP] "C:\Archivos de programa\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKUS\S-1-5-19\.. \Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\.. \Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Servicio de red')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Consola KIT ADSL.lnk = C:\Archivos de programa\Telefonica\Kit ADSL USB\DSLMON.exe
O4 - Global Startup: Exif Launcher S.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Archivos de programa\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Portafolios de HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Archivos de programa\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Selección inteligente de HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Archivos de programa\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\.. \{04D951B1-D41D-49B3-A93F-9EEC069FE061}: NameServer = 80.58.61.250 80.58.61.254
O17 - HKLM\System\CS1\Services\Tcpip\.. \{04D951B1-D41D-49B3-A93F-9EEC069FE061}: NameServer = 80.58.61.250 80.58.61.254
O20 - AppInit_DLLs: spxtna.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Servicio de seguridad Gear (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Servicio del iPod (iPodService) - Apple Computer, Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Archivos de programa\Archivos comunes\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\pavsrv51.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\archivos de programa\panda security\panda global protection 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\PskSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Archivos de programa\Panda Security\Panda Global Protection 2009\TPSrv.exe

I see that you didn't install the Windows Service Pak 3 yet. Don't know if that would help out your problem or not. There seems to be several of the Windows updates that you haven't installed either. There were a lot of security updates recently on Windows.

Using Internet Explorer, go to:

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Click the GO button, then under Virus Detection, click Start. You might be told that you need to download and install ActiveX Controls for the scan to work, answer Yes.

Write down exactly anything it finds, then go to: : (http://www.symantec.com/search/) and do a search for what was found. Symantec usually has a removal tool and/or directions for removing manually. Make sure that you follow the instructions for removal, step by step, especially the part regarding disabling System Restore.

As twinkiedooter mentioned, you really should download SP3.

I have had this happen, so I switched from norton ,which kept allowing viruses through to avast pro and I have had no problems since, if you don't want to pay the free version of avast does a good job

Cheers
John

i have had this happen, so i switched from norton ,which kept allowing viruses through to avast pro and i have had no problems since, if you dont want to pay the free version of avast does a good job

cheers
john

Sorry to hear you had a problem with Norton AntiVirus, by any chance was the automatic LiveUpdate disabled, either by mistake or a virus? Did you run a scan once a week?

Try installing Spybot from:

Spybot - Search & Destroy - Free software downloads and reviews - CNET Download.com (http://www.download.com/Spybot-Search-amp-Destroy/3000-8022_4-10122137.html)

Check for updates before running any scan. As a free program, it will not automatically update itself.

AVG na d AVAST are the two top free anti-virus programs available. Like any other AV program, they need to be kept up to date and rn a scan once a week.