Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from e.rurtalbahn.de, Aug 24, 2006 04:25:26
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wwSecure.exe
C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
C:\David\CODE\SL.EXE
C:\David\tld\code\CAPI\tld.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Programme\Picasa2\PicasaMediaDetector.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programme\CASIO\Photo Loader\Plauto.exe
C:\lotus\organize\easyclip6.exe
C:\Programme\RegFreeze\regfreeze.exe
c:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\TOBITI~1\DVREMIND.EXE
C:\Programme\Webroot\Washer\wwDisp.exe
C:\Programme\Gemeinsame Dateien\Mobipocket Shared\webcomp.exe
C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
C:\WINDOWS\explorer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Microsoft ActiveSync\WCESMgr.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
Toolbar: ICQ Toolbar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
Toolbar: RealGuide - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
Extra button: CmdMapping - (no file)
Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {019DBFBC-5D30-45BF-A1C6-E963AB20A4F2} - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
Extra button: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - (no file)
Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
HKCU\..\Run: [Shell] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00001.exe"
HKCU\..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_7 -reboot 1
HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
HKLM\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe
HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~2\TRAYAP~1.EXE
HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
Extra context menu item: Senden an &Bluetooth - C:\Programme\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wwSecure.exe
C:\David\APPS\DVGRAB\CODE\DVGRAB.EXE
C:\David\APPS\POSTMAN\CODE\POSTMAN.EXE
C:\David\CODE\SL.EXE
C:\David\tld\code\CAPI\tld.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Programme\Picasa2\PicasaMediaDetector.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programme\CASIO\Photo Loader\Plauto.exe
C:\lotus\organize\easyclip6.exe
C:\Programme\RegFreeze\regfreeze.exe
c:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\TOBITI~1\DVREMIND.EXE
C:\Programme\Webroot\Washer\wwDisp.exe
C:\Programme\Gemeinsame Dateien\Mobipocket Shared\webcomp.exe
C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
C:\WINDOWS\explorer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Microsoft ActiveSync\WCESMgr.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = gogl
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
Toolbar: ICQ Toolbar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
Toolbar: RealGuide - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
Extra button: CmdMapping - (no file)
Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {019DBFBC-5D30-45BF-A1C6-E963AB20A4F2} - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
Extra button: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - (no file)
Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
HKCU\..\Run: [Shell] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00001.exe"
HKCU\..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_7 -reboot 1
HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
HKLM\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe
HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~2\TRAYAP~1.EXE
HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
Extra context menu item: Senden an &Bluetooth - C:\Programme\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
Resume of bad entries:
No bad entries found.
Sponsored links
| ||
|