Bazooka Adware and Spyware Scanner Log 127

****************************************
Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
Log created 02:22:42.
OS: Windows 98
Database version: 1.870000
Database format version: 1.020000
Database date: 20040310
Current date: 2004-03-12 02:22


****************************************
Result when scanning:

CoolWebSearch.cpan 464.000.000 %WinDir%\hh.htt
C:\WINDOWS\hh.htt
http://www.kephyr.com/spywarescanner/library/coolwebsearch.cpan/index.phtml

CoolWebSearch.soundmx 039.000.000 Soundmx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Soundmx
http://www.kephyr.com/spywarescanner/library/coolwebsearch.soundmx/index.phtml

HuntBar 166.166.001 {D6DFF6D8-B94B-4720-B730-1C38C7065C3B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}
http://www.kephyr.com/spywarescanner/library/huntbar/index.phtml

MS Media Player GUID 404.888.000
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
http://www.kephyr.com/spywarescanner/library/msmediaplayerguid/index.phtml

TrackBack adware 934.000.000 TB_setup
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TB_setup
http://www.kephyr.com/spywarescanner/library/trackback/index.phtml

****************************************
Auto start entries:
C:\Program Files\ScannerU\AM32.exe
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Program Files\Common Files\efax\Dllcmd32.exe /R /K C:\PROGRA~1\COMMON~1\EFAX\HsPfcW32.dll,JSPFCWSetHooking,1,0,0,0
C:\Program Files\Microsoft Office\Office\OSA.EXE -b
C:\WINDOWS\Start Menu\Programs\StartUp\eFax.com Tray Menu.lnk
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\MSSQL7\Binn\sqlmangr.exe /n
C:\Program Files\Real\RealDownload\REALDOWNLOAD.EXE -hidden
C:\Palm\HOTSYNC.EXE
C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg Scheduler V3.exe
C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe -boot

Go here to analyse the startup entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Run entries:
ScanRegistry C:\WINDOWS\scanregw.exe /autorun
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ScanRegistry

TaskMonitor C:\WINDOWS\taskmon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TaskMonitor

PCHealth C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\PCHealth

SystemTray SysTray.Exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemTray

LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\LoadPowerProfile

S3TRAY S3tray.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\S3TRAY

XircWinModem4 ltcm000c.exe 9
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\XircWinModem4

EM_EXEC C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\EM_EXEC

YAMAHA DS-XG Launcher C:\WINDOWS\dslaunch.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\YAMAHA DS-XG Launcher

Promon.exe Promon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Promon.exe

TDspOff Tdspoff.exe B
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TDspOff

Tpwrtray TPWRTRAY.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Tpwrtray

Pinger C:\TOSHIBA\IVP\ISM\pinger.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Pinger

TWarnMsg TWarnMsg.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TWarnMsg

TFncky TFncky.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TFncky

TgAddServer "C:\Program Files\tioga\Client\bin\tgfix.exe" /fds "http://vtsupport.answerteam.com/global"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TgAddServer

Tgcmd "C:\Program Files\tioga\Client\bin\tgcmd.exe" /nosystray
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Tgcmd

tgsetsite "C:\Program Files\tioga\Client\bin\tgfix.exe" /i /f "C:\Program Files\tioga\client\bin\toshibasup.dna"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\tgsetsite

RealTray C:\Program Files\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RealTray

LoadQM loadqm.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\LoadQM

Iomega Startup Options C:\Program Files\Iomega\Common\ImgStart.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Iomega Startup Options

Iomega Drive Icons C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Iomega Drive Icons

RealJukeboxSystray "C:\PROGRAM FILES\REAL\REALJUKEBOX\tsystray.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RealJukeboxSystray

InstantAccess C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe /h
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\InstantAccess

RegisterDropHandler C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RegisterDropHandler

AUCBPNP C:\WINDOWS\SYSTEM\aucbpnp.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AUCBPNP

Drag'n'Drop_Autolaunch "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Drag'n'Drop_Autolaunch

Motive SmartBridge C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Motive SmartBridge

IPInSightLAN 01 "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPClient.exe" -l
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IPInSightLAN 01

IPInSightMonitor 01 "C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMon32.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IPInSightMonitor 01

Soundmx \soundmx.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Soundmx

Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Symantec Core LC

ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ccApp

NAV CfgWiz C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NAV CfgWiz

TB_setup C:\WINDOWS\TEMP\TB_SETUP.EXE /dcheck
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TB_setup

LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\LoadPowerProfile

SchedulingAgent mstask.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\SchedulingAgent

SSDPSRV C:\WINDOWS\SYSTEM\ssdpsrv.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\SSDPSRV

*StateMgr C:\WINDOWS\System\Restore\StateMgr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\*StateMgr

THotkey C:\WINDOWS\SYSTEM\THotkey.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\THotkey

Encompass_ENCMONTR C:\Program Files\Easy Internet\ENCMONTR.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Encompass_ENCMONTR

RegisterDropHandler C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\RegisterDropHandler

Machine Debug Manager C:\WINDOWS\SYSTEM\MDM.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Machine Debug Manager

StillImageMonitor C:\WINDOWS\SYSTEM\STIMON.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\StillImageMonitor

ScriptBlocking "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ScriptBlocking

ccEvtMgr "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ccEvtMgr

ccSetMgr "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\ccSetMgr

Taskbar Display Controls RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Taskbar Display Controls

Yahoo! Pager C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Yahoo! Pager

MsnMsgr "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\MsnMsgr


Go here to analyse the run entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Browser helper objects:

{EBCDDA60-2A68-11D3-8A43-0060083CFB9C} C:\WINDOWS\SYSTEM\NZDD.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBCDDA60-2A68-11D3-8A43-0060083CFB9C}

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

{13F537F0-AF09-11d6-9029-0002B31F9E59} Yahoo! Companion BHO C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_3.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13F537F0-AF09-11d6-9029-0002B31F9E59}

{D6DFF6D8-B94B-4720-B730-1C38C7065C3B} C:\PROGRA~1\COMMON~1\BTLINK\BTLINK.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}

{BDF3E430-B101-42AD-A544-FADC6B084872} NAV Helper C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}


****************************************
Toolbars:

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\SYSTEM\MSDXM.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8E718888-423F-11D2-876E-00A0C9082467}

{EF99BD32-C1FB-11D2-892F-0090271D4F88} C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_3.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{EF99BD32-C1FB-11D2-892F-0090271D4F88} C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_3.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}

{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\SYSTEM\SHELL32.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}

{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}

{EFA24E62-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\THOTKEY.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\S3TRAY.EXE
C:\WINDOWS\SYSTEM\LTCM000C.EXE
C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\DSLAUNCH.EXE
C:\WINDOWS\SYSTEM\PROMON.EXE
C:\WINDOWS\SYSTEM\TPWRTRAY.EXE
C:\TOSHIBA\IVP\ISM\PINGER.EXE
C:\WINDOWS\SYSTEM\TWARNMSG.EXE
C:\WINDOWS\SYSTEM\TFNCKY.EXE
C:\PROGRAM FILES\TIOGA\CLIENT\BIN\TGCMD.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\IOMEGA\DRIVEICONS\IMGICON.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\WINDOWS\SYSTEM\AUCBPNP.EXE
C:\PROGRAM FILES\IOMEGA HOTBURN PRO\AUTOLAUNCH.EXE
C:\PROGRAM FILES\VERIZON ONLINE\SUPPORTCENTER\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPCLIENT.EXE
C:\PROGRAM FILES\VERIZON ONLINE\VISUAL IP INSIGHT\IPMON32.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\COMMON FILES\EFAX\DLLCMD32.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\COMMON FILES\EFAX\HOTTRAY.EXE
C:\MSSQL7\BINN\SQLMANGR.EXE
C:\PALM\HOTSYNC.EXE
C:\PROGRAM FILES\VERIZON ONLINE\SUPPORTCENTER\BIN\MPBTN.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\BAZOOKA SPYWARE SCANNER\SPYWARESCANNER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

Go here to analyse the running processes:
http://www.kephyr.com/filedb/index.php

****************************************
Internet Explorer Settings:

Search http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search

Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\SYSTEM\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

Search Page http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d/?%63%78%6c%6f%77 about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page


HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\

SearchAssistant http://www.websearch.com/ie.aspx?tb_id=%tb_id
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www

User Stylesheet C:\WINDOWS\hh.htt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Styles\User Stylesheet

Search http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search

Default_Page_URL http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\SYSTEM\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar http://www.websearch.com/ie.aspx?tb_id=%tb_id
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst no
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\

SearchAssistant http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://%69%6e%2e%77%65%62%63%6f%75%6e%74%65%72%2e%63%63/%2d%2d/?%63%78%6c%6f%77
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

User Stylesheet C:\WINDOWS\Web\tips.ini
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Styles\User Stylesheet


****************************************




Related links

Bazooka - Free scan for spyware, adware, trojan horses, keyloggers, etc. Detects more than 500 potentially unwanted applications. Freeware!

The File Database - Search the file database for more information. Free!

PopUp Blocker Test - Find out if your pop-up killer can handle all pop-ups. Free!

Kephyr Labs - Find out what is going on at Kephyr. Try products in an early stage of development.


FreeFixer
Read more about FreeFixer, Kephyr's latest spyware removal tool.
Home & Products |  Legal |  Privacy |  Search

© Kephyr, 2003-2012. HtmlTidy, HTML 4.01, CSS andy@kephyr.com