Bazooka Adware and Spyware Scanner Log 47

****************************************
Bazooka Adware and Spyware Scanner v1.12
Log created 18:22:29.
OS: Windows NT 5.1
Database version: 1.690000
Database format version: 1.020000
Database date: 20040205
Current date: 2004-02-06 18:22

****************************************
Auto start entries:
C:\PROGRA~1\DATEMA~1\DATEMA~1.EXE
C:\DOCUME~1\ALLUSE~1\Menu Start\Programma's\Opstarten\DESKTOP.INI
C:\Program Files\Common Files\GMT\GMT.exe /startup
C:\DOCUME~1\Francois\MIJNDO~1\DESKTO~1\8876480\Program\LDMConf.exe /start
C:\PROGRA~1\PRECIS~1\PRECIS~1.EXE
C:\PROGRA~1\DATEMA~1\DATEMA~1.EXE
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\DESKTOP.INI
C:\Program Files\Common Files\GMT\GMT.exe /startup
C:\DOCUME~1\Francois\MIJNDO~1\DESKTO~1\8876480\Program\LDMConf.exe /start
C:\PROGRA~1\PRECIS~1\PRECIS~1.EXE
C:\Documents and Settings\Francois\Menu Start\Programma's\Opstarten\DESKTOP.INI
C:\Documents and Settings\Francois\Menu Start\Programma's\Opstarten\DESKTOP.INI

****************************************
Run entries:
AdaptecDirectCD "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
WinampAgent "C:\Program Files\Winamp3\winampa.exe"
ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
NeroCheck C:\WINDOWS\system32\NeroCheck.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
zBrowser Launcher C:\Documents and Settings\Francois\Mijn documenten\iTouch\iTouch.exe
MMTray C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
easywww c:\windows\easywww2.exe
redirect C:\WINDOWS\redirect6.exe
HoHBBLOCKar C:\Program Files\HoHBBLOCKar\bin\4.4.0.0\Hbinst.exe /Upgrade
mmtask C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
CTFMON.EXE C:\WINDOWS\System32\ctfmon.exe
LDM C:\Documents and Settings\Francois\Mijn documenten\\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

****************************************
Browser helper objects:

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not set C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
{BDF3E430-B101-42AD-A544-FADC6B084872} NAV Helper C:\Program Files\Norton AntiVirus\NavShExt.dll

****************************************
Toolbars:

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
{CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} C:\Program Files\DashBar\DashBar15.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
{B195B3B3-8A05-11D3-97A4-0004ACA6948E} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}\InprocServer32

System error message: Het systeem kan het opgegeven bestand niet vinden.

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
{5F1ABCDB-A875-46C1-8345-B72A4567E486} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{5F1ABCDB-A875-46C1-8345-B72A4567E486}\InprocServer32

System error message: Het systeem kan het opgegeven bestand niet vinden.

{07B18EA9-A523-4961-B6BB-170DE4475CCA} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32

System error message: Het systeem kan het opgegeven bestand niet vinden.

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\System32\shdocvw.dll
{30D02401-6A81-11D0-8274-00C04FD5AE38} C:\WINDOWS\System32\browseui.dll
{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\System32\browseui.dll
{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\system32\SHELL32.dll
{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
{EFA24E62-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
{FF6B2FD5-093C-4D4F-BB98-5641130A9DE6} C:\Program Files\HoHBBLOCKar\bin\4.4.0.0\HbHostIE.dll

****************************************
All processes:

0 [System Process]
4 System
392 SMSS.EXE
544 CSRSS.EXE
640 WINLOGON.EXE
684 SERVICES.EXE
696 LSASS.EXE
860 SVCHOST.EXE
960 SVCHOST.EXE
1132 SVCHOST.EXE
1156 SVCHOST.EXE
1380 EXPLORER.EXE
1396 ccSetMgr.exe
1460 ccEvtMgr.exe
1600 Directcd.exe
1608 winampa.exe
1616 ccApp.exe
1640 qttask.exe
1660 iTouch.exe
1668 mm_tray.exe
1676 redirect6.exe
1692 mmtask.exe
1708 CTFMON.EXE
1728 backWeb-8876480.exe
1848 DateManager.exe
1852 SPOOLSV.EXE
168 PrecisionTime.exe
204 ALG.EXE
240 navapsvc.exe
1344 msmsgs.exe
2900 wuauclt.exe
3300 spywarescanner.exe

****************************************
Result when scanning:

Backdoor.MSConfig45 388.888.000 HoHBBLOCKar
Bargain Buddy 102.997.949 %ProgramsDir%\Bargain Buddy\
Comet Cursor 836.000.003 %ProgramsDir%\COMET\BIN\CSBHO.DLL
DateManager 837.900.000 %ProgramsDir%\Date Manager\
EasyWWW 133.440.000 easywww
Gator 112.997.000 GMT.exe
HoHBBLOCKar 177.778.977 HoHBBLOCKar
HoHBBLOCKar 177.778.978 {B195B3B3-8A05-11D3-97A4-0004ACA6948E}
HoHBBLOCKar.hostie 178.700.000 {FF6B2FD5-093C-4D4F-BB98-5641130A9DE6}
HTASploit.winmain 342.999.400 HoHBBLOCKar
Httper 931.000.000
Instant Access Dialer 847.000.001 %ProgramsDir%\Instant Access\
Instant Access Dialer.B 848.000.000 ia.dll
Instant Access Dialer.C 849.000.001 ia.dll
PrecisionTime 838.900.000 %ProgramsDir%\PrecisionTime\
SystemSoap Pro 957.500.001 %ProgramsDir%\System Soap Pro\
WebSearch Toolbar.b 477.900.000 {07B18EA9-A523-4961-B6BB-170DE4475CCA}

***************************************