To pardon but not ingles much. This translated by google. The question is that I have in beginning this: HK_LM:Run PCDrProfiler and nobody can say to me that it is.
To pardon but not ingles much. This translated by google. The question is that I have in beginning this: HK_LM:Run PCDrProfiler and nobody can say to me that it is.
Hello srxo1978.
Where are you seeing HK_LM:Run PCDrProfiler; in Spybot-S&D after a scan?
What is your operating system please and which security programs do you have installed.
Please open Spybot>Help>About
Let us know the version and latest detection update.
Cheers.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
Hello. This in beginning of system, the option that teneis in advanced. HK_LM:Run PCDrProfiler
the version of the program yours is the 1,4 and it completes update is of the 02/12/2005
Hi.
We should see a log so that we can try to get to the bottom of this.What is your operating system please and which security programs do you have installed.
Please go here and follow instructions.
Before you post a log
Start a topic here:
Malware Forum
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
Hi
System operating system is XP home
Security Programs is Bitdefender Internet Security
Lavasoft Adware
Spybot
It is a capture of which I say, in case it serves to you.
Logfile of HijackThis v1.99.1
Scan saved at 0:24:19, on 07/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\archiv~1\softwin\bitdef~1\bdswitch.exe
C:\Archivos de programa\Softwin\BitDefender9\bdoesrv.exe
C:\archiv~1\softwin\bitdef~1\bdnagent.exe
C:\HP\KBD\KBD.EXE
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
C:\Archivos de programa\Jazztel\Jazztel ADSL USB\dslmon.exe
C:\emule\emule.exe
C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Update Service\livesrv.exe
C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe
C:\Archivos de programa\Softwin\BitDefender9\vsserv.exe
c:\archiv~1\softwin\bitdef~1\bdmcon.exe
C:\ARCHIVOS DE PROGRAMA\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE
C:\ARCHIV~1\MOZILL~2\FIREFOX.EXE
C:\Documents and Settings\HP_Propietario\Escritorio\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://70.86.190.202/~spsnews/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\archiv~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [BDMCon] c:\archiv~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Archivos de programa\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\archiv~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Descargar con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dllink.htm
O8 - Extra context menu item: Descargar seleccionados con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Descargar sitio web con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Descargar todo con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlall.htm
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{4887B444-E5AA-4449-B314-ED2C13E1710F}: NameServer = 62.14.63.145,62.14.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E2E31D4-B803-405F-A1E4-EF59E8873279}: NameServer = 62.14.63.145 62.14.2.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Archivos de programa\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Disable it in spybot startups looks like you know how to do that
I really don't think it is any thing you need.
Please download Ewido Security Suite it is a trial version of the program.You will need to update ewido to the latest definition files.
- Install ewido security suite
- Launch ewido, there should be an icon on your desktop double-click it.
- The program will now go to the main screen
The update will start and a progress bar will show the updates being installed.
- On the left hand side of the main screen click update
- Then click on Start Update
If you are having problems with the updater, you can use this link to manually update Ewido.
Ewido manual updates
Once the updates are installed do the following:Now close ewido security suite.
- Click on scanner
- Click on Complete System Scan and the scan will begin.
- NOTE: During some scans with ewido it is finding cases of false positives.**
- You will need to step through the process of cleaning files one-by-one.
- If ewido detects a file you KNOW to be legitimate, select none as the action.
- DO NOT select "Perform action on all infections"
- If you are unsure of any entry found select none for now.
- Once the scan has completed, there will be a button located on the bottom of the screen named Save report
- Click Save report.
- Save the report .txt file to your desktop.
**(Ewido for example has been flagging parts of AVG Anti-Virus, pcAnywhere and the game "Risk") Post a log from the scan please.
Hello Sight I leave log you that to I throw Complete Scan. By the way conoceis program PC doctor? I believe that it is of, since I have contacted with HP and dirian (What not me an assured) that he is of PC doctor
---------------------------------------------------------
ewido security suite - Report de exploración
---------------------------------------------------------
+ Creado en: 9:19:31, 07/12/2005
+ Report-Checksum: 576356C9
+ Scan result:
:mozilla.95:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpio con backup
:mozilla.96:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpio con backup
:mozilla.98:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Masterstats : Limpio con backup
:mozilla.99:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.100:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.101:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.102:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
::Fin Report
What language do you speek ?
Hi
SPanishWhat language do you speek ?
Hello.
I have pmed a helper who speaks Spanish and asked him please to take a look at your topic and assist you.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016