Bazooka Adware and Spyware Scanner Log 1200

****************************************
Bazooka Scanner v1.13.02
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
Log created 13:02:15.
OS: Windows NT 5.1
Database version: 2.310000
Database format version: 1.020000
Database date: 20040824
Current date: 2004-08-30 13:02


****************************************
Result when scanning:

No potentially unwanted software found.
****************************************
Auto start entries:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Easy\TV Capture\RemoteCtl.exe
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Easy\TV Capture\RemoteCtl.exe
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
C:\Documents and Settings\steve guy\Start Menu\Programs\Startup\desktop.ini
C:\Documents and Settings\steve guy\Start Menu\Programs\Startup\PowerReg Scheduler.exe
C:\Documents and Settings\steve guy\Start Menu\Programs\Startup\desktop.ini
C:\Documents and Settings\steve guy\Start Menu\Programs\Startup\PowerReg Scheduler.exe

Go here to analyse the startup entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Run entries:
SUPASTATUS C:\Program Files\Internet Explorer\Connection Wizard\status.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SUPASTATUS

pccguide.exe "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\pccguide.exe

PCClient.exe "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\PCClient.exe

TM Outbreak Agent "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TM Outbreak Agent

AOLDialer C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AOLDialer

GSICONEXE gsicon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\GSICONEXE

DSLAGENTEXE dslagent.exe USB
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\DSLAGENTEXE

QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task

CloneDVDElbyDelay "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CloneDVDElbyDelay

ATIPTA C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ATIPTA

RoxioEngineUtility "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RoxioEngineUtility

RoxioDragToDisc "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RoxioDragToDisc

RoxioAudioCentral "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RoxioAudioCentral

CloneCDTray C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CloneCDTray

ElbyCheckElbyCDFL "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ElbyCheckElbyCDFL

RealTray C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RealTray

NeroCheck C:\WINDOWS\system32\NeroCheck.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NeroCheck

SoundMan SOUNDMAN.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SoundMan

NvCplDaemon RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon

nwiz nwiz.exe /install
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\nwiz

AOL Spyware Protection "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AOL Spyware Protection

$MagicMedia C:\Program Files\MMedia\MMedia.exe startupMM
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\$MagicMedia

Morpheus "C:\Program Files\StreamCast\Morpheus\Morpheus.exe" -min
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Morpheus

warez "C:\Program Files\Warez P2P Client\warez.exe" -h
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\warez


Go here to analyse the run entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Browser helper objects:

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not set C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}


****************************************
Toolbars:

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8E718888-423F-11D2-876E-00A0C9082467}

{4982D40A-C53B-4615-B15B-B5B5E98D167C} C:\Program Files\AOL Toolbar\toolbar.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4982D40A-C53B-4615-B15B-B5B5E98D167C}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{4982D40A-C53B-4615-B15B-B5B5E98D167C} C:\Program Files\AOL Toolbar\toolbar.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4982D40A-C53B-4615-B15B-B5B5E98D167C}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\System32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{9455301C-CF6B-11D3-A266-00C04F689C50} C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{9455301C-CF6B-11D3-A266-00C04F689C50}

{FE54FA40-D68C-11d2-98FA-00C0F0318AFE} C:\WINDOWS\System32\Shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}

{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:

[System Process]
System
SMSS.EXE
CSRSS.EXE
WINLOGON.EXE
SERVICES.EXE
LSASS.EXE
ATI2EVXX.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
SPOOLSV.EXE
ATI2EVXX.EXE
EXPLORER.EXE
AOLacsd.exe
CDAC11BA.EXE
SLSERV.EXE
SVCHOST.EXE
WANMPSVC.EXE
AOLDial.exe
GSICON.EXE
DSLAGENT.EXE
QTTASK.EXE
ATIPTAXX.EXE
DrgToDsc.exe
RxMon.exe
CloneCDTray.exe
REALPLAY.EXE
SOUNDMAN.EXE
AOLSP Scheduler.exe
Playlist.exe
RemoteCtl.exe
wmiprvse.exe
wuauclt.exe
waol.exe
shellmon.exe
aoltpspd.exe
TMPROXY.EXE
PCCPFW.EXE
Tmntsrv.exe
PCClient.exe
PCCGUIDE.EXE
spywarescanner.exe
TMOAgent.exe

Go here to analyse the running processes:
http://www.kephyr.com/filedb/index.php

****************************************
Internet Explorer Settings:

Default_Page_URL http://www.timecomputers.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page

SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www

provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider

Local Page C:\WINDOWS\System32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar http://minisearch.startnow.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page http://minisearch.startnow.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.timecomputers.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page


****************************************




Related links

Bazooka - Free scan for spyware, adware, trojan horses, keyloggers, etc. Detects more than 500 potentially unwanted applications. Freeware!

The File Database - Search the file database for more information. Free!

PopUp Blocker Test - Find out if your pop-up killer can handle all pop-ups. Free!

Kephyr Labs - Find out what is going on at Kephyr. Try products in an early stage of development.



FreeFixer
Read more about FreeFixer, Kephyr's latest spyware removal tool.
Home & Products |  Legal |  Privacy |  Search

© Kephyr, 2003-2012. HtmlTidy, HTML 4.01, CSS andy@kephyr.com