Spyware Doctor Activity Report
Generated on 2/12/2005 4:11:17 PM Spyware Doctor Homepage PCTools Homepage Technical Support
Scans (basic information only):
Scan Results:
scan start: 2/12/2005 4:11:21 PM
scan stop: 2/12/2005 4:22:07 PM
scanned items: 82718
found items: 124
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Cookie Scanner, Browser Defaults, Favorites and ZoneMap Scanner, Browser Scanner, Disk Scanner
Infection Name Location Risk
DelfinProject multiple Elevated
Virtual Bouncer multiple Medium
ClkOptimizer explorer.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer mcagent.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer mssysmgr.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
CouponAge rundll32.exe (C:\WINDOWS\system32\calsp.dll) Elevated
ClkOptimizer rundll32.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
ClkOptimizer AcroRd32.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
CouponAge iexplore.exe (C:\WINDOWS\system32\calsp.dll) Elevated
ClkOptimizer iexplore.exe (C:\WINDOWS\system32\ipsaei.dll) Medium
Look2Me 69.20.16.183 auto.search.msn.com Elevated
Look2Me 69.20.16.183 search.netscape.com Elevated
Look2Me 69.20.16.183 ieautosearch Elevated
Possible Website Hijack 69.20.16.183 auto.search.msn.com High
Possible Website Hijack 69.20.16.183 search.netscape.com High
Trojan/StartPage-BN 69.20.16.183 auto.search.msn.com Medium
Trojan/StartPage-BN 69.20.16.183 search.netscape.com Medium
Trojan/StartPage-BN 69.20.16.183 ieautosearch Medium
CouponAge C:\WINDOWS\system32\calsp.dll Elevated
AdDestroyer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AdDestroyer Medium
Begin2Search HKCU\Software\msbb High
DelfinProject HKLM\SOFTWARE\vmss Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup\EliteSideBar Elevated
Elitum EliteBar (Search Miracle) HKLM\SOFTWARE\ohbbackup\EliteToolBar Elevated
Grokster HKLM\SOFTWARE\Dvx Medium
Huntbar HKCR\PROTOCOLS\Name-Space Handler\res Elevated
IEPlugin HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Recommended Hotfix - 421701D Medium
Virtual Bouncer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Virtual Bouncer Medium
Virtual Bouncer HKLM\SOFTWARE\Wise Solutions\Wise Installation System\Repair\C:/Program Files/VBouncer/INSTALL.LOG Medium
WebSearch HKCR\PROTOCOLS\Name-Space Handler\res Elevated
WildTangent HKCR\WildTangent.ActiveLauncher Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CurVer Medium
WildTangent HKCR\WildTangent.ActiveLauncher\Insertable Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1 Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\Insertable Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14} Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\TypeLib Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF} Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\TypeLib Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E} Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0\win32 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\FLAGS Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\HELPDIR Medium
WildTangent HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls##wtControlPanel Medium
XXXToolbar HKCU\Software\Policies\Avenue Media Elevated
XXXToolbar HKLM\SOFTWARE\Policies\Avenue Media Elevated
Zango Search Assistant HKCU\Software\Policies\Avenue Media Elevated
Zango Search Assistant HKLM\SOFTWARE\Policies\Avenue Media Elevated
Known Bad Sites C:\WINDOWS\Favorites\amazon.com.url High
Known Bad Sites C:\WINDOWS\Favorites\ebay.com.url High
Known Bad Sites C:\WINDOWS\Favorites\expedia.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\amazon.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\ebay.com.url High
Known Bad Sites C:\WINDOWS\Favorites\links\expedia.url High
Possible Website Hijack : aol.com High
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
Virtual Bouncer C:\Documents and Settings\All Users\Application Data\VBouncer\SWsettings.xml Medium
DelfinProject C:\Documents and Settings\All Users\Application Data\vmss\vmss.inf Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinAF.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinBD.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinCO.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinDL.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinED.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinID.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinKY.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinLD.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinLO.ebd Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinSI.edx Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinST.ebd Elevated
DelfinProject C:\Documents and Settings\All Users\Application Data\wsxs\delfinTG.ebd Elevated
DelfinProject C:\keys.ini Elevated
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\DRM0302java.jar Medium
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\wildtangent.jar Medium
WildTangent C:\Program Files\Java\j2re1.4.2_03\lib\ext\wtdmmpi.jar Medium
XXXToolbar C:\WINDOWS\INF\conscorr.inf Elevated
Zango Search Assistant C:\WINDOWS\INF\conscorr.inf Elevated
CouponAge C:\WINDOWS\system32\cacore.dll Elevated
CouponAge C:\WINDOWS\system32\carules.dll Elevated
CouponAge C:\WINDOWS\system32\casync.dll Elevated
BrAid/Startium C:\WINDOWS\system32\D0CE0C16B1.DLL High
Jraun C:\WINDOWS\system32\drivers\etc\hosts.bho High
BrAid/Startium C:\WINDOWS\system32\e6f1873b.dll High
Online-Dialler C:\WINDOWS\system32\q6nu0g59e6.dll Elevated
IncrediFind variant C:\WINDOWS\system32\setup_incred_9.exe High
BrAid/Stlb2 C:\WINDOWS\system32\stlb2.xml Medium
DelfinProject C:\WINDOWS\system32\vmss\vmss.exe Elevated
Jraun C:\WINDOWS\temp\SpOrder.dll High
nCASE C:\Documents and Settings\All Users\Documents\AOL Downloads\Old Computer\Favorites\Games\Riviera Gold Casino.url Medium
Wintools C:\Documents and Settings\MariaC\Local Settings\Temp\Temporary Directory 1 for 20041105002459265.zip\Program Files\common files\wintools\rmhgxlmu.wzg Medium
ClkOptimizer C:\WINDOWS\SYSTEM32\ipsaKKei.dll Medium
AdDestroyer C:\WINDOWS\Temp\nsdtmp09.dll Medium
Grokster C:\WINDOWS\Temp\vmstmp\vmstmp.exe Medium
Other Sections:
Copyright © 2005. Distributed by PC Tools Pty Ltd. Legal Notice
:mad:
Sign In
Create Account
