**************************************** Bazooka Adware and Spyware Scanner v1.13.01 http://www.kephyr.com/spywarescanner/ http://www.kephyr.com/spywarescanner/library/ Log created 09:10:31. OS: Windows NT 5.0 Database version: 2.020000 Database format version: 1.020000 Database date: 20040514 Current date: 2004-05-17 09:10 **************************************** Result when scanning: No potentially unwanted software found. **************************************** Auto start entries: **************************************** Run entries: Synchronization Manager mobsync.exe /logon HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Synchronization Manager AtiPTA atiptaxx.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AtiPTA SynTPLpr C:\Program Files\Synaptics\SynTP\SynTPLpr.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SynTPLpr SynTPEnh C:\Program Files\Synaptics\SynTP\SynTPEnh.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh pccguide.exe "C:\Program Files\Trend Micro\PC-cillin 2003\pccguide.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\pccguide.exe PCCClient.exe "C:\Program Files\Trend Micro\PC-cillin 2003\PCCClient.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\PCCClient.exe Pop3trap.exe "C:\Program Files\Trend Micro\PC-cillin 2003\Pop3trap.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Pop3trap.exe Palm MulitUser Config C:\Program Files\Palm\Configtool.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Palm MulitUser Config QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task PopUpStopperFreeEdition "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\PopUpStopperFreeEdition Go here to analyse the run entries and the associated files: http://www.kephyr.com/filedb/index.php **************************************** Browser helper objects: **************************************** Toolbars: {8E718888-423F-11D2-876E-00A0C9082467} C:\WINNT\System32\msdxm.ocx HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8E718888-423F-11D2-876E-00A0C9082467} {01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINNT\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} {01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINNT\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} {0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINNT\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} {A509E94A-9B0B-E653-28E3-DD58DED7FE48} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{A509E94A-9B0B-E653-28E3-DD58DED7FE48}\InprocServer32 System error message: The system cannot find the file specified. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A509E94A-9B0B-E653-28E3-DD58DED7FE48} {4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINNT\System32\shdocvw.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376} {02E31288-6F16-4376-9383-F1C776C5BD47} shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{02E31288-6F16-4376-9383-F1C776C5BD47} {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINNT\system32\shell32.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} {EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINNT\System32\shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} **************************************** All processes: [System Process] System SMSS.EXE CSRSS.EXE WINLOGON.EXE SERVICES.EXE LSASS.EXE svchost.exe LEXBCES.EXE spoolsv.exe LEXPPS.EXE ati2evxx.exe svchost.exe regsvc.exe mstask.exe Tmntsrv.exe WinMgmt.exe svchost.exe tmproxy.exe PCCPFW.exe rundll32.exe explorer.exe atiptaxx.exe SynTPLpr.exe SynTPEnh.exe pccguide.exe PCCClient.exe Pop3trap.exe qttask.exe PSFree.exe MSIMN.EXE IEXPLORE.EXE spywarescanner. Go here to analyse the running processes: http://www.kephyr.com/filedb/index.php **************************************** Internet Explorer Settings: Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL Local Page C:\WINNT\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page Search Bar http://allaboutsearching.com/searchbar.html HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http:// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\ www http:// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www provider HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider Local Page C:\WINNT\System32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page Search Bar about:blank HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page Start Page http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page Use Search Asst no HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst SearchAssistant http://allaboutsearching.com/searchbar.html HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant ****************************************
