Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from C...se@t-online.de, Aug 23, 2006 11:22:40
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: Microsoft Windows XP Personal (Build 2600)
MSIE: Internet Explorer 6.0.2600.0000
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\System32\khooker.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe
C:\WINDOWS.0\System32\ctfmon.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\FRITZ!\IWatch.exe
C:\Programme\RegFreeze\regfreeze.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Programme\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS.0\System32\tcpsvcs.exe
C:\WINDOWS.0\system32\slserv.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS.0\System32\snmp.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Programme\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\kernel.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\Programme\RegFreeze\regfreeze.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\System32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.asp
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://home.microsoft.com/access/autosearch.asp?p=%s
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\programme\adobe\Reader\ActiveX\AcroIEHelper.ocx
Extra button: CmdMapping - (no file)
HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\System32\ctfmon.exe
HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
HKLM\..\Run: [SiS KHooker] C:\WINDOWS.0\System32\khooker.exe
HKLM\..\Run: [SiSUSBRG] C:\WINDOWS.0\sisUSBrg.exe
HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
HKLM\..\Run: [ISDN SpeedManager] "C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe"
Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
URLSearchHook: Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
MSIE: Internet Explorer 6.0.2600.0000
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\System32\khooker.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe
C:\WINDOWS.0\System32\ctfmon.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\FRITZ!\IWatch.exe
C:\Programme\RegFreeze\regfreeze.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Programme\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS.0\System32\tcpsvcs.exe
C:\WINDOWS.0\system32\slserv.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS.0\System32\snmp.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Programme\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\kernel.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\Programme\RegFreeze\regfreeze.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\System32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.asp
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://home.microsoft.com/access/autosearch.asp?p=%s
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS.0\system32\qomli.dll
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\programme\adobe\Reader\ActiveX\AcroIEHelper.ocx
BHO: (no name) - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - (no file)
Extra button: CmdMapping - (no file)
HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\System32\ctfmon.exe
HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
HKLM\..\Run: [SiS KHooker] C:\WINDOWS.0\System32\khooker.exe
HKLM\..\Run: [SiSUSBRG] C:\WINDOWS.0\sisUSBrg.exe
HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
HKLM\..\Run: [ISDN SpeedManager] "C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe"
Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
URLSearchHook: Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Resume of bad entries:
BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS.0\system32\qomli.dll
BHO: (no name) - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - (no file)
BHO: (no name) - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - (no file)
Sponsored links
| ||
|