Bazooka Adware and Spyware Scanner Log 209

****************************************
Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
Log created 01:31:42.
OS: Windows NT 5.1
Database version: 1.930000
Database format version: 1.020000
Database date: 20040326
Current date: 2004-04-02 01:31


****************************************
Result when scanning:

A Better Internet 777.777.000 bi.dll
http://www.kephyr.com/spywarescanner/library/abetterinternet/index.phtml

Acceleration Soft 737.700.000 %ProgramsDir%\Common Files\eAcceleration\
C:\Program Files\Common Files\eAcceleration\
http://www.kephyr.com/spywarescanner/library/accelerationsoft/index.phtml

Comet Cursor 836.000.001 {FE6BC4EF-5676-484B-88AE-883323913256}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{FE6BC4EF-5676-484B-88AE-883323913256}
http://www.kephyr.com/spywarescanner/library/cometcursor/index.phtml

CommonName 452.457.949 %ProgramsDir%\CommonName\
C:\Program Files\CommonName\
http://www.kephyr.com/spywarescanner/library/commonname/index.phtml

CommonName.cnbabe 132.400.000 {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000000}
http://www.kephyr.com/spywarescanner/library/commonname.cnbabe/index.phtml

Cydoor 399.000.000 %SystemDir%\AdCache\
C:\WINDOWS\System32\\AdCache\
http://www.kephyr.com/spywarescanner/library/cydoor/index.phtml

Cydoor 399.000.001 Cd_clint.dll
http://www.kephyr.com/spywarescanner/library/cydoor/index.phtml

eXact Search Bar.B 618.299.127 {224530A0-C9CB-4AEE-9C0F-54AC1B533211}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{224530A0-C9CB-4AEE-9C0F-54AC1B533211}
http://www.kephyr.com/spywarescanner/library/exactsearchbar.b/index.phtml

eZula 122.927.150 %SystemDir%\ezstub.exe
C:\WINDOWS\System32\\ezstub.exe
http://www.kephyr.com/spywarescanner/library/ezula/index.phtml

Gator 112.997.000 GMT.exe
http://www.kephyr.com/spywarescanner/library/gain/index.phtml

Gator 102.098.947 CMESys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CMESys
http://www.kephyr.com/spywarescanner/library/gain/index.phtml

Gator 112.198.918 %ProgramsDir%\iMesh\Client\fsg.exe
C:\Program Files\iMesh\Client\fsg.exe
http://www.kephyr.com/spywarescanner/library/gain/index.phtml

HoHBBLOCKar 177.778.978 {B195B3B3-8A05-11D3-97A4-0004ACA6948E}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}
http://www.kephyr.com/spywarescanner/library/hoHBBLOCKar/index.phtml

HoHBBLOCKar 177.778.978 {B195B3B3-8A05-11D3-97A4-0004ACA6948E}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}
http://www.kephyr.com/spywarescanner/library/hoHBBLOCKar/index.phtml

KeenValue.updmgr 644.000.000 updmgr
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\updmgr
http://www.kephyr.com/spywarescanner/library/keenvalue.updmgr/index.phtml

KeenValue.updmgr 644.000.001 %ProgramsDir%\Common Files\updmgr\
C:\Program Files\Common Files\updmgr\
http://www.kephyr.com/spywarescanner/library/keenvalue.updmgr/index.phtml

MS Media Player GUID 404.888.000
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
http://www.kephyr.com/spywarescanner/library/msmediaplayerguid/index.phtml

My Search Bar 777.777.778 c:\Program Files\MyWay\
c:\Program Files\MyWay\
http://www.kephyr.com/spywarescanner/library/mysearchbar/index.phtml

StarDialer 739.000.003
HKEY_LOCAL_MACHINE\SOFTWARE\MainPean Highspeed\Country
http://www.kephyr.com/spywarescanner/library/stardialer/index.phtml

W32.Mydoom 394.750.001 TaskMon
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TaskMon
http://www.kephyr.com/spywarescanner/library/w32.mydoom/index.phtml

Winpup 340.800.002
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\pup\ren
http://www.kephyr.com/spywarescanner/library/winpup/index.phtml

Wurld Media 937.027.039 {D14641FA-445B-448E-9994-209F7AF15641}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D14641FA-445B-448E-9994-209F7AF15641}
http://www.kephyr.com/spywarescanner/library/wurldmedia/index.phtml

****************************************
Auto start entries:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Common Files\GMT\GMT.exe /startup
C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\ThirtyDayTimer.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Common Files\GMT\GMT.exe /startup
C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\ThirtyDayTimer.exe
C:\Documents and Settings\Lulu Yu\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Webshots\Launcher.exe /t
C:\Documents and Settings\Lulu Yu\Start Menu\Programs\Startup\desktop.ini
C:\Program Files\Webshots\Launcher.exe /t

Go here to analyse the startup entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Run entries:
SystemTray SysTray.Exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemTray

Desksite CMA c:\program files\desksite\bin\cma.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Desksite CMA

TkBellExe C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TkBellExe

CMESys "C:\Program Files\Common Files\CMEII\CMESys.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CMESys

IncrediMail C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IncrediMail

SunJavaUpdateSched C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched

OWCWebCamDV C:\WINDOWS\system\wcdvtray.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OWCWebCamDV

FinePrint Dispatcher v5 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\FinePrint Dispatcher v5

iTunesHelper C:\Program Files\iTunes\iTunesHelper.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\iTunesHelper

QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\QuickTime Task

IgfxTray C:\WINDOWS\System32\igfxtray.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IgfxTray

HotKeysCmds C:\WINDOWS\System32\hkcmd.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\HotKeysCmds

TaskMon C:\WINDOWS\System32\taskmon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TaskMon

wcmdmgr C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\wcmdmgr

updmgr C:\Program Files\Common files\updmgr\updmgr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\updmgr

BlubsterSupport wjview /cp:p "C:\Program Files\BlubsterSupport\System\Code" Main lp: "C:\Program Files\BlubsterSupport"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\BlubsterSupport

SpyHunter C:\Program Files\SpyHunter\SpyHunter.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SpyHunter

txexm C:\WINDOWS\System32\txexm.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\txexm

Yahoo! Pager C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Yahoo! Pager

ares "C:\Program Files\Ares\Ares.exe" -h
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ares

RoboForm "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\RoboForm


Go here to analyse the run entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Browser helper objects:

{00000000-0000-0000-0000-000000000000} BabeIE C:\PROGRA~1\COMMON~2\Toolbar\cnbabe.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000000}

{0428FFC7-1931-45b7-95CB-3CBB919777E1} NavErrRedir Class C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0428FFC7-1931-45b7-95CB-3CBB919777E1}

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not set C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

{12BA043E-293E-4CE4-A8C7-8460934FE801} IBBHO C:\Program Files\IncrediBar\bin\IBBHO.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12BA043E-293E-4CE4-A8C7-8460934FE801}

{53707962-6F74-2D53-2644-206D7942484F} not set C:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}

{724d43a9-0d85-11d4-9908-00400523e39a} not set C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}

{9527D42F-D666-11D3-B8DD-00600838CD5F} not set C:\WINDOWS\System32\IETie.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9527D42F-D666-11D3-B8DD-00600838CD5F}

{AA58ED58-01DD-4d91-8333-CF10577473F7} not set c:\windows\googletoolbar1.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}

{D14641FA-445B-448E-9994-209F7AF15641} not set Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{D14641FA-445B-448E-9994-209F7AF15641}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D14641FA-445B-448E-9994-209F7AF15641}


****************************************
Toolbars:

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8E718888-423F-11D2-876E-00A0C9082467}

{724d43a0-0d85-11d4-9908-00400523e39a} C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{724d43a0-0d85-11d4-9908-00400523e39a}

{2318C2B1-4965-11d4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{D8073790-84C7-4602-BF77-C6ACBF1612E4} C:\Program Files\IncrediBar\bin\IBTBar.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D8073790-84C7-4602-BF77-C6ACBF1612E4}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{8E718888-423F-11D2-876E-00A0C9082467}

{2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

{724D43A0-0D85-11D4-9908-00400523E39A} C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{724D43A0-0D85-11D4-9908-00400523E39A}

{B195B3B3-8A05-11D3-97A4-0004ACA6948E} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{B195B3B3-8A05-11D3-97A4-0004ACA6948E} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8E718888-423F-11D2-876E-00A0C9082467}

{2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

{FE6BC4EF-5676-484B-88AE-883323913256} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{FE6BC4EF-5676-484B-88AE-883323913256}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{FE6BC4EF-5676-484B-88AE-883323913256}

{724D43A0-0D85-11D4-9908-00400523E39A} C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{724D43A0-0D85-11D4-9908-00400523E39A}

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

{D8073790-84C7-4602-BF77-C6ACBF1612E4} C:\Program Files\IncrediBar\bin\IBTBar.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D8073790-84C7-4602-BF77-C6ACBF1612E4}

{224530A0-C9CB-4AEE-9C0F-54AC1B533211} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{224530A0-C9CB-4AEE-9C0F-54AC1B533211}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{224530A0-C9CB-4AEE-9C0F-54AC1B533211}

{4528BBE0-4E08-11D5-AD55-00010333D0AD} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{4528BBE0-4E08-11D5-AD55-00010333D0AD}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

{4528BBE0-4E08-11D5-AD55-00010333D0AD} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{4528BBE0-4E08-11D5-AD55-00010333D0AD}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}

{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}

{EDC4193F-34AD-4D07-AA87-E3FDB89E3E76} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{EDC4193F-34AD-4D07-AA87-E3FDB89E3E76}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EDC4193F-34AD-4D07-AA87-E3FDB89E3E76}

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:

[System Process]
System
SMSS.EXE
CSRSS.EXE
WINLOGON.EXE
SERVICES.EXE
LSASS.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
EXPLORER.EXE
SPOOLSV.EXE
CMA.EXE
EVNTSVC.EXE
CMESys.exe
JUSCHED.EXE
WCDVTRAY.EXE
FPDISP5A.EXE
iTunesHelper.exe
HKCMD.EXE
CAPM1RSK.EXE
IMApp.exe
UPDMGR.EXE
WCMDMGR.EXE
SpyHunter.exe
RoboTaskBarIcon.exe
GMT.EXE
CAPM1SWK.EXE
eEBSvc.exe
AVGSERV.EXE
CISVC.EXE
txexm.exe
GEARSEC.EXE
SVCHOST.EXE
MsPMSPSv.exe
iPodService.exe
spywarescanner.exe
cidaemon.exe
rundll32.exe

Go here to analyse the running processes:
http://www.kephyr.com/filedb/index.php

****************************************
Internet Explorer Settings:

Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\SYSTEM\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar http://srch-us2.hpwis.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page

SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www

http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\

provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider

Local Page C:\WINDOWS\System32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar http://home.microsoft.com/search/lobby/search.asp
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://mail.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst yes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst


****************************************




© Kephyr, 2003-2012.