Bazooka Adware and Spyware Scanner Log 288

****************************************
Bazooka Adware and Spyware Scanner v1.12
Log created 07:10:11.
OS: Windows NT 5.1
Database version: 2.010000
Database format version: 1.020000
Database date: 20040512
Current date: 2004-05-14 07:10

****************************************
Auto start entries:
C:\PROGRA~1\SIERRA~1\IMAGEE~1\IXApplet.exe -s
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l
C:\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\wkcalrem.exe
C:\PROGRA~1\SIERRA~1\IMAGEE~1\IXApplet.exe -s
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l
C:\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\wkcalrem.exe
C:\Documents and Settings\Hector Pop\Start Menu\Programs\Startup\DESKTOP.INI
C:\Documents and Settings\Hector Pop\Start Menu\Programs\Startup\DESKTOP.INI

****************************************
Run entries:
Microsoft Works Portfolio C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
Microsoft Works Update Detection C:\Program Files\Microsoft Works\WkDetect.exe
NvCplDaemon RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
AdaptecDirectCD "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
UpdReg C:\WINDOWS\Updreg.exe
AHQInit C:\Program Files\Creative\SBLive\Program\AHQInit.exe
NAV Agent C:\PROGRA~1\NORTON~1\navapw32.exe
WorksFUD C:\Program Files\Microsoft Works\Wkfud.exe
DellTouch C:\WINDOWS\DELLMMKB.EXE
Ink Monitor C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
TkBellExe C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
IMJPMIG8.1 "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
IMEKRMIG6.1 C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
MSPY2002 C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background
ctfmon.exe C:\WINDOWS\System32\ctfmon.exe

****************************************
Browser helper objects:

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} not set C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
{139D88E5-C372-469D-B4C5-1FE00852AB9B} not set C:\WINDOWS\System32\ofrg.dll
{6085FB5B-C281-4B9C-8E5D-D2792EA30D2F} not set C:\WINDOWS\System32\netpal2.dll
{7DD896A9-7AEB-430F-955B-CD125604FDCB} not set C:\WINDOWS\System32\vern32.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} not set c:\windows\googletoolbar1.dll
{BDF3E430-B101-42AD-A544-FADC6B084872} NAV Helper C:\Program Files\Norton AntiVirus\NavShExt.dll

****************************************
Toolbars:

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\System32\msdxm.ocx
{2318C2B1-4965-11d4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
{B195B3B3-8A05-11D3-97A4-0004ACA6948E} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}\InprocServer32

System error message: The system cannot find the file specified.

{2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} C:\Program Files\Norton AntiVirus\NavShExt.dll
{B195B3B3-8A05-11D3-97A4-0004ACA6948E} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}\InprocServer32

System error message: The system cannot find the file specified.

{2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\windows\googletoolbar1.dll
{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\System32\shdocvw.dll
{30D02401-6A81-11D0-8274-00C04FD5AE38} C:\WINDOWS\System32\browseui.dll
{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\System32\browseui.dll
{BECAFC17-BAF9-11D4-B492-00D0B77F0A6D} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{BECAFC17-BAF9-11D4-B492-00D0B77F0A6D}\InprocServer32

System error message: The system cannot find the file specified.

{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\system32\SHELL32.dll
{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
{EFA24E62-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll

****************************************
All processes:

0 [System Process]
4 System
544 smss.exe
620 CSRSS.EXE
644 winlogon.exe
696 SERVICES.EXE
708 lsass.exe
868 SVCHOST.EXE
920 SVCHOST.EXE
1032 SVCHOST.EXE
1096 SVCHOST.EXE
1244 SPOOLSV.EXE
1344 Nhksrv.exe
1360 alg.exe
1372 CTSVCCDA.EXE
1396 SAgent2.exe
1436 NAVAPSVC.EXE
1512 nvsvc32.exe
1652 vpn5000service.exe
1692 MsPMSPSv.exe
428 explorer.exe
1056 Directcd.exe
1084 NAVAPW32.EXE
1116 DellMMKb.exe
1184 evntsvc.exe
1564 qttask.exe
1612 devldr32.exe
1616 msmsgs.exe
1644 ctfmon.exe
216 WkCalRem.exe
304 OSD.exe
768 E_S10IC2.EXE
2648 spywarescanner.exe

****************************************
Result when scanning:

Bargain Buddy 102.997.949 %ProgramsDir%\Bargain Buddy\
Favoriteman 692.118.338 ofrg.dll
Favoriteman 692.118.339 {139D88E5-C372-469D-B4C5-1FE00852AB9B}
HoHBBLOCKar 177.778.978 {B195B3B3-8A05-11D3-97A4-0004ACA6948E}
HoHBBLOCKar 177.778.978 {BECAFC17-BAF9-11D4-B492-00D0B77F0A6D}
NetPal 192.193.199 {6085FB5B-C281-4B9C-8E5D-D2792EA30D2F}
Onflow 199.299.001 %ProgramsDir%\Onflow\

***************************************