Parsed logs from users, sent by RegFreeze
You can view your log here, or get the information about malware entries, marked in parsed logs.
Scan your PC for FREE!
Log from d...so@glattnet.ch, Aug 24, 2006 14:35:58
Lines, marked with red background, contains the bad entries and should be fixed.
Sponsored links
| ||
|
Platform: Microsoft Windows XP Personal Service Pack 2 (Build 2600)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programme\Grisoft\AVG Free\avgcc.exe
C:\Programme\RegFreeze\regfreeze.exe
C:\Programme\SPYWAREfighter\spfprc.exe
C:\Programme\SPYWAREfighter\Spywarefighter.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://de.search.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.my.yahoo.com/
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://de.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://de.search.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = yaho
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
Toolbar: &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
Toolbar: &Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesde.dll
Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesde.dll
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
HKCU\..\Run: [IncrediMail] C:\Programme\IncrediMail\bin\IncMail.exe /c
HKCU\..\Run: [eMuleAutoStart] C:\Programme\eMule\emule.exe -AutoStart
HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
HKLM\..\Run: [spywarefighterguard] C:\Programme\SPYWAREfighter\spfprc.exe
HKLM\..\Run: []
Extra context menu item: &Add animation to IncrediMail Style Box -
Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
URLSearchHook: Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
MSIE: Internet Explorer 6.0.2900.2180
Running processes:
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programme\Grisoft\AVG Free\avgcc.exe
C:\Programme\RegFreeze\regfreeze.exe
C:\Programme\SPYWAREfighter\spfprc.exe
C:\Programme\SPYWAREfighter\Spywarefighter.exe
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://de.search.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.my.yahoo.com/
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,(default) = http://de.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://de.search.yahoo.com
IE: HKCU\Software\Microsoft\Internet Explorer\SearchUrl,provider = yaho
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE: HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE: HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
Toolbar: &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
Toolbar: &Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesde.dll
Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Extra button: CmdMapping - (no file)
Extra button: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesde.dll
Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
HKCU\..\Run: [IncrediMail] C:\Programme\IncrediMail\bin\IncMail.exe /c
HKCU\..\Run: [eMuleAutoStart] C:\Programme\eMule\emule.exe -AutoStart
HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
HKLM\..\Run: [spywarefighterguard] C:\Programme\SPYWAREfighter\spfprc.exe
HKLM\..\Run: []
Extra context menu item: &Add animation to IncrediMail Style Box -
Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
URLSearchHook: Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
Resume of bad entries:
No bad entries found.
Sponsored links
| ||
|