Panda Activescan has located malware on my PC

Start by deleting the below:
C:\WINDOWS\navpmc

And since Panda is not giving any useful information on where it is finding Definmedia, we can only guess where it is:

Copy the bold text below to notepad. Save it as fixDefin.reg to your desktop (yes overwrite the previous one). Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Let me know how things look now.

 

The log from Panda is still not helpful since it gives us no information on what it is finding or where.

Try going to the below link and running the Free Spyware Scan.

http://www.pestpatrol.com/prescan.htm

Try to save a log of what it finds and post it back here. Make sure to click Expand All .You save a log by highlighting the items in the scan windows and copying and pasting them into a notepad window. Save it to a file and attach it here.

Perhaps it will pickup some more details.

 

Well it did not find anything related to Delfin but it found some other items. And at least it provides information on where.

Do you or did you have Bearshare and eMule installed? Do you still use them?

If the below file exists on your PC, delete it:
c:\program files\video1\dialers\hot_tarts_au\hot_tarts_au.exe

 

First look in Add/Remove programs for Bearshare and eMule and uninstall them if found.



Copy the bold text below to notepad. Save it as fixGM.reg to your desktop (yes overwrite the previous one). Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Yes you can delete the previous fixDefin.reg patch you saved to your Desktop. It looks like we will not be able to fix that last item Panda is finding, but I would not worry about it. It is more than likely a harmless entry left dangling around.

 

Download the Registry Search Tool

Unzip to your Desktop and double click on regsrch.vbs
(if you have script protection, please allow this to run)

In the dialog that opens enter the following:

hot_tarts_au

Press 'OK'

The search will run for a while then alert you when it is finished. Press 'OK' and copy the contents of the WordPad window and post in this thread.

 

Copy the bold text below to notepad. Save it as fixMe.reg to your desktop (yes overwrite the previous one). Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now rerun RegSrch to make sure no matches are found.

You can then delete fixGM.reg and fixMe.reg from your Desktop.

 

Don't know! It seems something on your PC is some how set for another language (Spanish I assume).

Basically you are clean other than the delfin item that we cannot do anything about. And as I said before it is not going to hurt you. You will just have to ignore it. Perhaps some other scanning tool would find it but that may not be worth the time or effort.

If you are not having any other malware problems, you should work thru the below link:

How to Protect yourself from malware!

 

You're welcome!

 

The last 5 things in your Panda log are from things you downloaded! Not problems!

The cookie....who cares! You had it before too.

DelfinMedia was in your registry before but we could not fix it since Panda says nothing about where it is.

The only new item in Panda of question is NaviPromo which it also gives no info about.

What have you been downloading and from where? Don't say nothing and from no where because you PestPatrol log shows signs of a P2P program being used too.

 

All software that MG's offers for download has been tested to make sure that it does not contain any bundled malware. How you use the software is not controlled by MGs. Just like Microsoft gives you Windows and Internet Explorer which in themsleves are free from malware, it is how they are used, where people surf, what they click on etc, that can lead to problems. So while MGs does have some P2P programs and torrent type download programs, the various sites that you can connect to in order to download have nothing to do with MGs or the program for that matter. Some sites can be reasonably safe while others could be full of garbage and things that you download may not even be what you expect. Just last week a friend of mine complained to me how many days he spent downloading over 4 Gb of data for a movie to find out that it was not what it was advertised to be. I just laughed at him bcause we had previously had security discussions about stuff like this.

As far as Azureus not working......I cannot help you since I do not use it. But you do need to configure it to use certain ports and they have to be permitted to pass thru your firewall. In the Software Forum you may be able to get help for that.

You can delete all the files manuallyy since you do not need them and you can delete the registry key too. Grokster often appears when software related to Kazaa has been installed.

 

Yes that is the registry key that needs to be deleted. If you are not comfortable with poking around in the registry, here is a simple patch :

Copy the bold text below to notepad. Save it as fixMe.reg to your desktop (yes overwrite the previous one). Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

 

You're log is clean! I assume we are finished?