Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from p...de@tele2.fr, Aug 23, 2006 11:13:32
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: Microsoft Windows XP Personal Service Pack 2 (Build 2600)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RegFreeze\regfreeze.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/startpage/adsl/fr/
IE: HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
Toolbar: (no name) - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
Toolbar: (no name) - {9404901D-06DA-4B23-A0EE-3EA4F64EC9B3} - (no file)
Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Toolbar: (no name) - {FE54FA40-D68C-11D2-98FA-00C0F0318AFE} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RegFreeze\regfreeze.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/startpage/adsl/fr/
IE: HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
Toolbar: (no name) - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
Toolbar: (no name) - {9404901D-06DA-4B23-A0EE-3EA4F64EC9B3} - (no file)
Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Toolbar: (no name) - {FE54FA40-D68C-11D2-98FA-00C0F0318AFE} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Resume of bad entries:
Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
Sponsored links
| ||
|