Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from g...am@arguscg.com, Aug 23, 2006 14:20:00
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: (Build 3790)
MSIE: Internet Explorer 6.0.3790.0
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcevt32.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcstor32.exe
C:\PROGRA~1\SAV\DefWatch.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Expertcity\GoToMyPC\g2svc.exe
C:\Program Files\Expertcity\GoToMyPC\g2comm.exe
C:\Program Files\Expertcity\GoToMyPC\g2pre.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\cba\pds.exe
C:\WINDOWS\System32\ismserv.exe
C:\Program Files\Dell\OpenManage\Array Manager\mr2kserv.exe
C:\Program Files\Expertcity\GoToMyPC\g2tray.exe
C:\PROGRA~1\MICROS~1\MS6723~1\binn\sqlservr.exe
C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
C:\WINDOWS\system32\ntfrs.exe
e:\program files\pvsw\BIN\W3SQLMGR.EXE
e:\program files\pvsw\BIN\NTBTRV.EXE
C:\Program Files\Dell\OpenManage\iws\bin\win32\omaws32.exe
C:\WINDOWS\System32\snmp.exe
e:\program files\pvsw\BIN\NTDBSMGR.EXE
C:\WINDOWS\System32\tssdis.exe
C:\Program Files\Microsoft Virtual Server\vmh.exe
C:\Program Files\Dell\OpenManage\Array Manager\VxSvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\ams_ii\iao.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Microsoft Virtual Server\vssrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dell\OPENMA~1\oldiags\vendor\pcdoctor\bin\diagorb.exe
C:\WINDOWS\System32\svchost.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
E:\Program Files\RegFreeze\regfreeze.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Toolbar: &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
Extra button: Search and Remove Spyware - {CDB280E8-BE43-4128-8A5A-3FCD094E2D88} - e:\Program Files\RegFreeze\rfsearchhandler.dll
HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Protocol filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
MSIE: Internet Explorer 6.0.3790.0
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcevt32.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcstor32.exe
C:\PROGRA~1\SAV\DefWatch.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Expertcity\GoToMyPC\g2svc.exe
C:\Program Files\Expertcity\GoToMyPC\g2comm.exe
C:\Program Files\Expertcity\GoToMyPC\g2pre.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\cba\pds.exe
C:\WINDOWS\System32\ismserv.exe
C:\Program Files\Dell\OpenManage\Array Manager\mr2kserv.exe
C:\Program Files\Expertcity\GoToMyPC\g2tray.exe
C:\PROGRA~1\MICROS~1\MS6723~1\binn\sqlservr.exe
C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
C:\WINDOWS\system32\ntfrs.exe
e:\program files\pvsw\BIN\W3SQLMGR.EXE
e:\program files\pvsw\BIN\NTBTRV.EXE
C:\Program Files\Dell\OpenManage\iws\bin\win32\omaws32.exe
C:\WINDOWS\System32\snmp.exe
e:\program files\pvsw\BIN\NTDBSMGR.EXE
C:\WINDOWS\System32\tssdis.exe
C:\Program Files\Microsoft Virtual Server\vmh.exe
C:\Program Files\Dell\OpenManage\Array Manager\VxSvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\ams_ii\iao.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Microsoft Virtual Server\vssrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dell\OPENMA~1\oldiags\vendor\pcdoctor\bin\diagorb.exe
C:\WINDOWS\System32\svchost.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\cren.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
E:\Program Files\RegFreeze\regfreeze.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Class - {4700F4B2-EB75-07EF-2853-5B264BD6E7DB} - C:\WINDOWS\system32\mssz32.dll
Toolbar: &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
Extra button: Search and Remove Spyware - {CDB280E8-BE43-4128-8A5A-3FCD094E2D88} - e:\Program Files\RegFreeze\rfsearchhandler.dll
HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
HKLM\..\RunOnce: [sdkof.exe] C:\WINDOWS\system32\sdkof.exe
HKLM\..\RunOnce: [iesf.exe] C:\WINDOWS\system32\iesf.exe
HKLM\..\RunOnce: [appvb.exe] C:\WINDOWS\system32\appvb.exe
HKLM\..\RunOnce: [sdkej.exe] C:\WINDOWS\system32\sdkej.exe
Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Protocol filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
Resume of bad entries:
C:\WINDOWS\cren.exe
BHO: Class - {4700F4B2-EB75-07EF-2853-5B264BD6E7DB} - C:\WINDOWS\system32\mssz32.dll
HKLM\..\RunOnce: [sdkof.exe] C:\WINDOWS\system32\sdkof.exe
HKLM\..\RunOnce: [iesf.exe] C:\WINDOWS\system32\iesf.exe
HKLM\..\RunOnce: [appvb.exe] C:\WINDOWS\system32\appvb.exe
HKLM\..\RunOnce: [sdkej.exe] C:\WINDOWS\system32\sdkej.exe
BHO: Class - {4700F4B2-EB75-07EF-2853-5B264BD6E7DB} - C:\WINDOWS\system32\mssz32.dll
HKLM\..\RunOnce: [sdkof.exe] C:\WINDOWS\system32\sdkof.exe
HKLM\..\RunOnce: [iesf.exe] C:\WINDOWS\system32\iesf.exe
HKLM\..\RunOnce: [appvb.exe] C:\WINDOWS\system32\appvb.exe
HKLM\..\RunOnce: [sdkej.exe] C:\WINDOWS\system32\sdkej.exe
Sponsored links
| ||
|