1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

help with results from panda scan

Discussion in 'Windows XP' started by taurus35, Sep 27, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. taurus35

    taurus35 Thread Starter

    Joined:
    Aug 15, 2007
    Messages:
    14
    I did my scan and came up with this i have no idea what to do next Can you please help? Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearchWB\bar\1.bin\W6WBTEMP.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearchWB\bar\1.bin\W6BAR.DLL
    Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.doubleclick.net/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.statse.webtrendslive.com/]
    Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.www.myaffiliateprogram.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.perf.overture.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.overture.com/]
    Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.clickbank.net/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.com.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.2o7.net/]
    Spyware:Cookie/7search Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.7search.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.bluestreak.com/]
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.ads.pointroll.com/]
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.phg.hitbox.com/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.ad.yieldmanager.com/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Len Steinle\Application Data\Mozilla\Firefox\Profiles\5vijmdkt.default\cookies.txt[.mediaplex.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/7search Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][3].txt
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][3].txt
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][3].txt
    Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][3].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][3].txt
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][1].txt
    Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Len Steinle\Cookies\len [email protected][2].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.doubleclick.net/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.ads.pointroll.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.mediaplex.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.statcounter.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.com.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.2o7.net/]
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.atwola.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.2o7.net/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.overture.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.perf.overture.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.overture.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.anm.co.uk/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Terri McCulloch\Application Data\Mozilla\Firefox\Profiles\5t30noud.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][1].txt
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][2].txt
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][1].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][3].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][1].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][1].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][2].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][3].txt
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][1].txt
    Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Terri McCulloch\Cookies\terri [email protected][2].txt
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearchWB\bar\1.bin\NPMYSRWB.DLL
    Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearchWB\bar\1.bin\W6PLUGIN.DLL
     
  2. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    Go to this site http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php?page=download.

    Click on 'Download HijackThis Installer'.

    *Save HJTInstall.exe to your desktop, or to the location where you normally download.
    *Doubleclick on HJTInstall.exe.
    *Click on Install.
    *By default it will install to C:\Program Files\Trend Micro\HijackThis.
    *Once installed, it will launch Hijackthis.
    *Click on the 'Do a system scan and save a logfile button'. It will scan and the log will open in notepad.
    *Click Save to save the log file.
    *Click on 'Edit > Select All' then click on 'Edit > Copy' (or Ctrl-C) to copy the entire contents of the log.
    *Come back to this thread and Paste (or Ctrl-V) the log in your next reply.

    *DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  3. taurus35

    taurus35 Thread Starter

    Joined:
    Aug 15, 2007
    Messages:
    14
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:34:47 AM, on 9/27/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
    C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
    C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: My Web Search Bar BHO - {8EAB99C1-F9EC-4b64-A4BA-D9BCAE8779C2} - C:\Program Files\MyWebSearchWB\bar\1.bin\W6BAR.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: WeatherBug Browser Bar - powered by MyWebSearch - {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - C:\Program Files\MyWebSearchWB\bar\1.bin\W6BAR.DLL
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
    O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
    O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-3181531977-1623402734-3692280638-1006\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'Len Steinle')
    O4 - HKUS\S-1-5-21-3181531977-1623402734-3692280638-1006\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Len Steinle')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://liveops.webex.com/client/T23L/webex/ieatgpc.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DD9AA729-DF4B-450A-A9EC-B01C0907A0E5}: NameServer = 24.225.5.2 24.225.0.1
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

    --
    End of file - 10613 bytes
     
  4. taurus35

    taurus35 Thread Starter

    Joined:
    Aug 15, 2007
    Messages:
    14
    So is this good or bad?If it's bad what do I do now?
     
  5. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    There are a few things that should be cleaned up. A malware expert (someone with a gold shield next to their name) will help out from here on out. It might take a little before they get to you (they're pretty busy) so keep checking back.
     
  6. taurus35

    taurus35 Thread Starter

    Joined:
    Aug 15, 2007
    Messages:
    14
    BUMP,Can you help me??? My computer runs froggy sometimes and I think this maybe the cause!!! Thank You in advance :)
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/629957

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice