PC reboots its self - Sticky Followed

ceemo · 08-12-2009, 03:07 AM

DDS (Ver_09-07-30.01) - NTFSx86
Run by HOME at 9:40:40.42 on 12/08/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.44.1033.18.1534.546 [GMT 1:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

G:\Windows\system32\wininit.exe
G:\Windows\system32\lsm.exe
G:\Windows\system32\svchost.exe -k DcomLaunch
G:\Windows\system32\svchost.exe -k rpcss
G:\Windows\System32\svchost.exe -k secsvcs
G:\Windows\system32\svchost.exe -k NetworkService
G:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe
G:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
G:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe
G:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
G:\Windows\system32\svchost.exe -k netsvcs
G:\Windows\system32\SLsvc.exe
G:\Windows\system32\svchost.exe -k LocalService
G:\Windows\System32\spoolsv.exe
G:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\Windows\system32\svchost -k Panda
G:\Program Files\Kontiki\KService.exe
G:\Program Files\CDBurnerXP\NMSAccessU.exe
G:\Windows\system32\taskeng.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
G:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\pavsrvx86.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE
G:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
G:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
G:\Windows\system32\svchost.exe -k imgsvc
G:\Windows\System32\svchost.exe -k WerSvcGroup
G:\Windows\system32\SearchIndexer.exe
g:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
G:\Windows\system32\taskeng.exe
G:\Windows\system32\Dwm.exe
G:\Windows\Explorer.EXE
G:\Program Files\Windows Defender\MSASCui.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\ApVxdWin.exe
G:\Program Files\Java\jre6\bin\jusched.exe
G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
G:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
G:\Program Files\Kontiki\KHost.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Windows Sidebar\sidebar.exe
G:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\Windows\ehome\ehtray.exe
G:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
G:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
G:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe
G:\Program Files\myiHome\app\myiHome-server.exe
G:\Program Files\Windows Media Player\wmpnscfg.exe
G:\Program Files\Windows Media Player\wmpnetwk.exe
G:\Windows\ehome\ehmsas.exe
G:\Windows\system32\wbem\wmiprvse.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE
G:\Program Files\Windows Live\Contacts\wlcomm.exe
G:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe
G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
G:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
G:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
G:\Windows\servicing\TrustedInstaller.exe
G:\Windows\system32\wuauclt.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\Windows\system32\SearchProtocolHost.exe
G:\Windows\system32\SearchFilterHost.exe
G:\Users\HOME\Downloads\dds(2).scr
G:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - g:\program files\isobuster\tbIsoB.dll
mURLSearchHooks: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - g:\program files\isobuster\tbIsoB.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - g:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - g:\program files\isobuster\tbIsoB.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - g:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - g:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - g:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - g:\program files\java\jre6\bin\jp2ssv.dll
TB: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - g:\program files\isobuster\tbIsoB.dll
uRun: [Sidebar] g:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MsnMsgr] "g:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ehTray.exe] g:\windows\ehome\ehTray.exe
uRun: [ISUSPM] "g:\programdata\macrovision\flexnet connect\6\ISUSPM.exe" -scheduler
uRun: [PC Suite Tray] "g:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [kdx] g:\program files\kontiki\KHost.exe -all
uRun: [WMPNSCFG] g:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [APVXDWIN] "g:\program files\panda security\panda internet security 2009\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "g:\program files\panda security\panda internet security 2009\Inicio.exe"
mRun: [SunJavaUpdateSched] "g:\program files\java\jre6\bin\jusched.exe"
mRun: [NeroFilterCheck] g:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [GrooveMonitor] "g:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] g:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "g:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [4oD] "g:\program files\kontiki\KHost.exe" -all
mRun: [QuickTime Task] "g:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "g:\program files\itunes\iTunesHelper.exe"
mRunOnce: [AFixOldWscUnreg] g:\windows\temp\psppk2\HFSetup4.exe
StartupFolder: g:\progra~2\micros~1\windows\startm~1\programs\startup\gigane~1.lnk - g:\program files\giganews accelerator\GiganewsAccelerator.exe
StartupFolder: g:\progra~2\micros~1\windows\startm~1\programs\startup\myihom~1.lnk - g:\program files\myihome\app\myiHome-server.exe
StartupFolder: g:\progra~2\micros~1\windows\startm~1\programs\startup\neusto~1.lnk - g:\program files\neuston media centre\app\Neuston-server.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - g:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - g:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - g:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - g:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - g:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - g:\users\home\appdata\roaming\mozilla\firefox\profiles\id7cfcw4.default\
FF - component: g:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - g:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 pavboot;Panda boot driver;g:\windows\system32\drivers\pavboot.sys [2008-11-24 28544]
R1 APPFLT;App Filter Plugin;g:\windows\system32\drivers\APPFLT.SYS [2008-11-24 73728]
R1 DSAFLT;DSA Filter Plugin;g:\windows\system32\drivers\dsaflt.sys [2008-11-24 52992]
R1 FNETMON;NetMon Filter Plugin;g:\windows\system32\drivers\fnetmon.sys [2008-11-24 22072]
R1 IDSFLT;Ids Filter Plugin;g:\windows\system32\drivers\idsflt.sys [2008-11-24 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];g:\windows\system32\drivers\NETFLTDI.SYS [2008-11-24 158848]
R1 ShldDrv;Panda File Shield Driver;g:\windows\system32\drivers\ShlDrv51.sys [2008-11-24 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;g:\windows\system32\drivers\wnmflt.sys [2008-11-24 46720]
R2 AmFSM;AmFSM;g:\windows\system32\drivers\amm8660.sys [2008-11-24 49208]
R2 ComFiltr;Panda Anti-Dialer;g:\windows\system32\drivers\COMFiltr.sys [2008-11-24 13880]
R2 Gwmsrv;Panda Goodware Cache Manager;g:\windows\system32\svchost -k panda --> g:\windows\system32\svchost -k Panda [?]
R2 PavProc;Panda Process Protection Driver;g:\windows\system32\drivers\PavProc.sys [2008-11-24 179640]
R2 PskSvcRetail;Panda PSK service;g:\program files\panda security\panda internet security 2009\psksvc.exe [2008-11-24 28928]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;g:\windows\system32\drivers\neti1634.sys [2008-11-24 197888]
S3 getPlus(R) Helper;getPlus(R) Helper;g:\program files\nos\bin\getPlus_HelperSvc.exe [2008-12-1 33752]

============== File Associations ===============

JSEFile=g:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBEFile=g:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBSFile=g:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*

=============== Created Last 30 ================

2009-07-18 19:56 <DIR> --d----- g:\users\home\appdata\roaming\Ringtone Expressions
2009-07-18 19:54 <DIR> --d----- g:\program files\Ringtone Expressions
2009-07-18 17:01 <DIR> --d----- g:\program files\Blaze Media Pro
2009-07-18 17:00 <DIR> -cd-h--- g:\programdata\{5AC06A7F-E1C7-46A4-BA28-5A4B25F3BB23}
2009-07-18 17:00 <DIR> -cd-h--- g:\progra~2\{5AC06A7F-E1C7-46A4-BA28-5A4B25F3BB23}
2009-07-18 07:55 <DIR> --d----- g:\program files\iPod
2009-07-18 07:55 <DIR> --d----- g:\program files\iTunes

==================== Find3M ====================

2009-08-12 09:35 1,132 a------- g:\windows\system32\drivers\APPFLTR.CFG.bck
2009-08-12 09:35 1,132 a------- g:\windows\system32\drivers\APPFLTR.CFG
2009-08-10 19:04 299,292 a------- g:\windows\system32\drivers\APPFCONT.DAT.bck
2009-08-10 19:04 299,292 a------- g:\windows\system32\drivers\APPFCONT.DAT
2009-07-18 07:51 86,016 a------- g:\windows\inf\infstrng.dat
2009-07-18 07:51 86,016 a------- g:\windows\inf\infstor.dat
2009-07-18 07:51 51,200 a------- g:\windows\inf\infpub.dat
2009-07-09 12:16 2,060,288 a------- g:\windows\system32\usbaaplrc.dll
2009-07-09 12:16 39,424 a------- g:\windows\system32\drivers\usbaapl.sys
2008-11-24 19:00 665,600 a------- g:\windows\inf\drvindex.dat
2008-01-21 03:41 174 a--sh--- g:\program files\desktop.ini
2006-11-02 13:40 287,440 a------- g:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:40 287,440 a------- g:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:40 30,674 a------- g:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:40 30,674 a------- g:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- g:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- g:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- g:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- g:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 9:42:11.13 ===============

ceemo · 08-14-2009, 07:38 AM

Is anyone able to have a look at this?

08-14-2009, 07:38 AM	#2 (permalink)
ceemo Registered User Join Date: Nov 2004 Posts: 87 OS: XP	Re: PC reboots its self - Sticky Followed Is anyone able to have a look at this?