Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from b...74@hotmail.com, Aug 23, 2006 13:21:44
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: Microsoft Windows XP Personal Service Pack 2 (Build 2600)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
F:\Program Files\Norton Internet Security\ISSVC.exe
F:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
F:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
F:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
F:\WINDOWS\System32\PAStiSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
\??\F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\system32\VTTimer.exe
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
F:\Program Files\Internet Explorer\iexplore.exe
f:\progra~1\intern~1\iexplore.exe
F:\Program Files\eChanblard\emule.exe
F:\Program Files\RamBoost XP\rambxpfr.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\RegFreeze\regfreeze.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = F:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = MSN
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: (no name) - {9E21B22B-44F2-2C21-6B83-B238E0F8003A} - (no file)
BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - F:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINDOWS\system32\msjava.dll
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
HKCU\..\Run: [user sign] F:\DOCUME~1\Xavier\APPLIC~1\ABOUTM~1\Wipebitsreadme.exe
HKCU\..\Run: [eMuleAutoStart] F:\Program Files\eChanblard\emule.exe -AutoStart
HKCU\..\Run: [RamBoostXp] F:\Program Files\RamBoost XP\rambxpfr.exe
HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKLM\..\Run: [StandardInstall]
HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
HKLM\..\Run: [AudioDeck] "F:\Program Files\VIAudioi\SBADeck\ADeck.exe" 1
HKLM\..\Run: [RaidTool] F:\Program Files\VIA\RAID\raid_tool.exe
HKLM\..\Run: [VTTimer] VTTimer.exe
HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
HKLM\..\Run: [TkBellExe] "F:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp\winampa.exe"
HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\..\Run: [sixthfourgramwma] F:\Documents and Settings\All Users\Application Data\fragglobalsixthfour\Blah Error.exe
HKLM\..\Run: [ccApp] "F:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
HKLM\..\Run: [Symantec NetDriver Monitor] F:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
HKLM\..\Run: [LiveMonitor] F:\Program Files\MSI\Live Update 3\LMonitor.exe
HKLM\..\Run: [LiveMonitor] F:\Program Files\MSI\Live Update 3\LMonitor.exe
Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?7b188792e1b0419badbd9511364fd2b2
Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?7b188792e1b0419badbd9511364fd2b2
Extra context menu item: Télécharger avec &BitSpirit - F:\Program Files\BitSpirit\bsurl.htm
URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
F:\Program Files\Norton Internet Security\ISSVC.exe
F:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
F:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
F:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
F:\WINDOWS\System32\PAStiSvc.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
\??\F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\WINDOWS\system32\VTTimer.exe
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
F:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
F:\Program Files\Internet Explorer\iexplore.exe
f:\progra~1\intern~1\iexplore.exe
F:\Program Files\eChanblard\emule.exe
F:\Program Files\RamBoost XP\rambxpfr.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\RegFreeze\regfreeze.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = F:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = MSN
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: (no name) - {9E21B22B-44F2-2C21-6B83-B238E0F8003A} - (no file)
BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - F:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINDOWS\system32\msjava.dll
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
HKCU\..\Run: [user sign] F:\DOCUME~1\Xavier\APPLIC~1\ABOUTM~1\Wipebitsreadme.exe
HKCU\..\Run: [eMuleAutoStart] F:\Program Files\eChanblard\emule.exe -AutoStart
HKCU\..\Run: [RamBoostXp] F:\Program Files\RamBoost XP\rambxpfr.exe
HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKLM\..\Run: [StandardInstall]
HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
HKLM\..\Run: [AudioDeck] "F:\Program Files\VIAudioi\SBADeck\ADeck.exe" 1
HKLM\..\Run: [RaidTool] F:\Program Files\VIA\RAID\raid_tool.exe
HKLM\..\Run: [VTTimer] VTTimer.exe
HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
HKLM\..\Run: [TkBellExe] "F:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp\winampa.exe"
HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\..\Run: [sixthfourgramwma] F:\Documents and Settings\All Users\Application Data\fragglobalsixthfour\Blah Error.exe
HKLM\..\Run: [ccApp] "F:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
HKLM\..\Run: [Symantec NetDriver Monitor] F:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
HKLM\..\Run: [LiveMonitor] F:\Program Files\MSI\Live Update 3\LMonitor.exe
HKLM\..\Run: [LiveMonitor] F:\Program Files\MSI\Live Update 3\LMonitor.exe
Extra context menu item: &MSN Search - res://F:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?7b188792e1b0419badbd9511364fd2b2
Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://F:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?7b188792e1b0419badbd9511364fd2b2
Extra context menu item: Télécharger avec &BitSpirit - F:\Program Files\BitSpirit\bsurl.htm
URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Resume of bad entries:
No bad entries found.
Sponsored links
| ||
|