Bazooka Adware and Spyware Scanner Log 1230

****************************************
Bazooka Scanner v1.13.02
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
Log created 13:23:10.
OS: Windows NT 4.0
Database version: 2.320000
Database format version: 1.020000
Database date: 20040902
Current date: 2003-09-08 13:23


****************************************
Result when scanning:

No potentially unwanted software found.
****************************************
Auto start entries:
C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l
D:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l
D:\Program Files\WinZip\WZQKPICK.EXE

Go here to analyse the startup entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Run entries:
SystemTray SysTray.Exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemTray

MGA QuickDesk "C:\Program Files\MGA NT PowerDesk\QDesk\MGAQDESK.EXE"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MGA QuickDesk

COMSMDEXE comsmd.exe -on
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\COMSMDEXE

BrowserWebCheck loadwc.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BrowserWebCheck

SchedulingAgent mstinit.exe /logon
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SchedulingAgent

WinampAgent "d:\Program Files\Winamp\Winampa.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WinampAgent

websx C:\Program Files\websx\int310764.exe -auto
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\websx

SMSERIAL sm56hlpr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SMSERIAL

vptray D:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\vptray

DELDIR0.EXE "C:\TEMP\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Central"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\DELDIR0.EXE


Go here to analyse the run entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Browser helper objects:

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not set d:\program files\adobe\Reader\ActiveX\AcroIEHelper.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

{378DB7C0-1514-11D8-980B-00105ABD0E81} not set C:\WINNT\System32\mfrc42.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{378DB7C0-1514-11D8-980B-00105ABD0E81}

{7A396B91-DD3C-11D7-983B-001008965864} not set C:\WINNT\System32\bgf.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A396B91-DD3C-11D7-983B-001008965864}


****************************************
Toolbars:

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINNT\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{014DA6C9-189F-421A-88CD-07CFE51CFF10} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{014DA6C9-189F-421A-88CD-07CFE51CFF10}

{2481A070-1514-11D8-980B-00105ABD0E81} Error when reading a registry key, the value doesn't exist. Entry: HKEY_CLASSES_ROOT\CLSID\{2481A070-1514-11D8-980B-00105ABD0E81}\InprocServer32\

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{2481A070-1514-11D8-980B-00105ABD0E81}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINNT\System32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{32683183-48a0-441b-a342-7c2a440a9478} C:\WINNT\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINNT\System32\shdocvw.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:


Go here to analyse the running processes:
http://www.kephyr.com/filedb/index.php

****************************************
Internet Explorer Settings:

Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Search Bar file://C:\TEMP\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page file://C:\TEMP\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst no
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Use Search Asst

SearchAssistant file://C:\TEMP\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www

provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider

Local Page C:\WINNT\System32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar file://C:\TEMP\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page file://C:\TEMP\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page about:blank
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst no
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst

SearchAssistant file://C:\TEMP\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant

User Stylesheet
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Styles\User Stylesheet


****************************************




Related links

Bazooka - Free scan for spyware, adware, trojan horses, keyloggers, etc. Detects more than 500 potentially unwanted applications. Freeware!

The File Database - Search the file database for more information. Free!

PopUp Blocker Test - Find out if your pop-up killer can handle all pop-ups. Free!

Kephyr Labs - Find out what is going on at Kephyr. Try products in an early stage of development.


FreeFixer
Read more about FreeFixer, Kephyr's latest spyware removal tool.
Home & Products |  Legal |  Privacy |  Search

© Kephyr, 2003-2012. HtmlTidy, HTML 4.01, CSS andy@kephyr.com