Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

OMG Please help


  • Please log in to reply

#1
Maria

Maria

    New Member

  • Member
  • Pip
  • 1 posts
I did a can with spy doctor but it cant remove unless I buy it can i just go and delete all in the list here is my list
Spyware Doctor Activity Report
Generated on 2/12/2005 4:11:17 PM Spyware Doctor Homepage PCTools Homepage Technical Support


Scans (basic information only):

Scan Results:
scan start: 2/12/2005 4:11:21 PM
scan stop: 2/12/2005 4:22:07 PM
scanned items: 82718
found items: 124
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Cookie Scanner, Browser Defaults, Favorites and ZoneMap Scanner, Browser Scanner, Disk Scanner



Infection Name Location Risk
DelfinProject multiple Elevated
Virtual Bouncer multiple Medium
ClkOptimizer explorer.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer mcagent.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer mssysmgr.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
CouponAge rundll32.exe (C:\WINDOWS\system32\calsp.dll) Elevated
ClkOptimizer rundll32.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer AcroRd32.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
CouponAge iexplore.exe (C:\WINDOWS\system32\calsp.dll) Elevated
ClkOptimizer iexplore.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
Look2Me 69.20.16.183 auto.search.msn.com Elevated
Look2Me 69.20.16.183 search.netscape.com Elevated
Look2Me 69.20.16.183 ieautosearch Elevated
Possible Website Hijack 69.20.16.183 auto.search.msn.com High
Possible Website Hijack 69.20.16.183 search.netscape.com High
Trojan/StartPage-BN 69.20.16.183 auto.search.msn.com Medium
Trojan/StartPage-BN 69.20.16.183 search.netscape.com Medium
Trojan/StartPage-BN 69.20.16.183 ieautosearch Medium
CouponAge C:\WINDOWS\system32\calsp.dll Elevated
AdDestroyer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AdDestroyer Medium
Begin2Search HKCU\Software\msbb High
DelfinProject HKLM\SOFTWARE\vmss Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup\EliteSideBar Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup\EliteToolBar Elevated
Grokster HKLM\SOFTWARE\Dvx Medium
Huntbar HKCR\PROTOCOLS\Name-Space Handler\res Elevated
IEPlugin HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Recommended Hotfix - 421701D Medium
Virtual Bouncer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Virtual Bouncer Medium
Virtual Bouncer HKLM\SOFTWARE\Wise Solutions\Wise Installation System\Repair\C:/Program Files/VBouncer/INSTALL.LOG Medium
WebSearch HKCR\PROTOCOLS\Name-Space Handler\res Elevated
WildTangent HKCR\WildTangent.ActiveLauncher Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CurVer Medium
WildTangent HKCR\WildTangent.ActiveLauncher\Insertable Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1 Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\Insertable Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14} Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\TypeLib Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF} Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\TypeLib Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E} Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0\win32 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\FLAGS Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\HELPDIR Medium
WildTangent HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls##wtControlPanel Medium
XXXToolbar HKCU\Software\Policies\Avenue Media Elevated
XXXToolbar HKLM\SOFTWARE\Policies\Avenue Media Elevated
Zango Search Assistant HKCU\Software\Policies\Avenue Media Elevated
Zango Search Assistant HKLM\SOFTWARE\Policies\Avenue Media Elevated
Known Bad Sites C:\WINDOWS\Favorites\amazon.com.url High
Known Bad Sites C:\WINDOWS\Favorites\ebay.com.url High
Known Bad Sites C:\WINDOWS\Favorites\expedia.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\amazon.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\ebay.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\expedia.url High
Possible Website Hijack : aol.com High
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
Virtual Bouncer C:\Documents and Settings\All Users\Application Data\VBouncer\SWsettings.xml Medium
DelfinProject C:\Documents and Settings\All Users\Application Data\vmss\vmss.inf Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinAF.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinBD.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinCO.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinDL.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinED.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinID.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinKY.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinLD.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinLO.ebd Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinSI.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinST.ebd Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinTG.ebd Elevated
DelfinProject C:\keys.ini Elevated
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\DRM0302java.jar Medium
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\wildtangent.jar Medium
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\wtdmmpi.jar Medium
XXXToolbar C:\WINDOWS\INF\conscorr.inf Elevated
Zango Search Assistant C:\WINDOWS\INF\conscorr.inf Elevated
CouponAge C:\WINDOWS\system32\cacore.dll Elevated
CouponAge C:\WINDOWS\system32\carules.dll Elevated
CouponAge C:\WINDOWS\system32\casync.dll Elevated
BrAid/Startium C:\WINDOWS\system32\D0CE0C16B1.DLL High
Jraun C:\WINDOWS\system32\drivers\etc\hosts.bho High
BrAid/Startium C:\WINDOWS\system32\e6f1873b.dll High
Online-Dialler C:\WINDOWS\system32\q6nu0g59e6.dll Elevated
IncrediFind variant C:\WINDOWS\system32\setup_incred_9.exe High
BrAid/Stlb2 C:\WINDOWS\system32\stlb2.xml Medium
DelfinProject C:\WINDOWS\system32\vmss\vmss.exe Elevated
Jraun C:\WINDOWS\temp\SpOrder.dll High
nCASE C:\Documents and Settings\All Users\Documents\AOL Downloads\Old Computer\Favorites\Games\Riviera Gold Casino.url Medium
Wintools C:\Documents and Settings\MariaC\Local Settings\Temp\Temporary Directory 1 for 20041105002459265.zip\Program Files\common files\wintools\rmhgxlmu.wzg Medium
ClkOptimizer C:\WINDOWS\SYSTEM32\ipsaKKei.dll Medium
AdDestroyer C:\WINDOWS\Temp\nsdtmp09.dll Medium
Grokster C:\WINDOWS\Temp\vmstmp\vmstmp.exe Medium


Other Sections:








Copyright © 2005. Distributed by PC Tools Pty Ltd. Legal Notice


:mad:
  • 0

Advertisements


#2
senshisteph

senshisteph

    Member

  • Member
  • PipPip
  • 41 posts
Please Click here!, and follow the recommendations in the guide.

If you're still having trouble, We'll need you to use a free diagnostic tool, Hijack This. Follow the instructions in step five of this guide, and post your log as a new topic in the Hijack This forum. It will get a better response there from the people most qualified to analyze logs.

Most of what Hijack This lists lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP