Anything Forums

Formally anythingforums.com, iceteks.com, uovalor.com and uogateway.com Forums.
https://www.anyf.ca/

I Need Help With Spyware!!

https://www.anyf.ca/viewtopic.php?t=6755

Page 1 of 2

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 11:36 am
by katinamarie72
My Ad-aware found these things, and I'm not sure if its all safe to delete? :(

Huntbar Object recognized!
Type : RegKey
Data : BTLINK_
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWAREMicrosoftWindowsCurrentVersionUninstallBTLINK_404


Huntbar Object recognized!
Type : RegKey
Data : BTLINK_
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWAREMicrosoftWindowsCurrentVersionUninstallBTLINK_DLL


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : BTIEINScriptConfigProj.BTIEINScriptConfig


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : btlink.relatedlinksProtocol


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : btlink.ResProtocol


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID{26E8361F-BCE7-4F75-A347-98C88B418322}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID{63B78BC1-A711-4D46-AD2F-C581AC420D41}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID{CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface{26E8361F-BCE7-4F75-A347-98C88B418321}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwareBTIEIN


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SoftwareBTIEIN


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwareMicrosoftWindowsCurrentVersionexplorerBrowser Helper Objects{63B78BC1-A711-4D46-AD2F-C581AC420D41}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\BTLINK


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib{26E8361F-BCE7-4F75-A347-98C88B418328}


IGetNet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : SoftwareMicrosoftInternet ExplorerURLSearchHooks
Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497}

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 17
Objects found so far: 17


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Possible browser hijack attempt : SoftwareMicrosoftInternet ExplorerMainSearch Barwww.websearch.com

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.websearch.com/ie.aspx"
Rootkey : HKEY_CURRENT_USER
Object : SoftwareMicrosoftInternet ExplorerMain
Value : Search Bar
Data : "http://www.websearch.com/ie.aspx"

Possible browser hijack attempt : SoftwareMicrosoftInternet ExplorerSearchSearchAssistantwww.websearch.com

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.websearch.com/ie.aspx"
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwareMicrosoftInternet ExplorerSearch
Value : SearchAssistant
Data : "http://www.websearch.com/ie.aspx"

Possible browser hijack attempt : SoftwareMicrosoftInternet ExplorerMainSearch Barwww.websearch.com

ClientMan Object recognized!
Type : RegData
Data : "http://www.websearch.com/ie.aspx"
Rootkey : HKEY_CURRENT_USER
Object : SoftwareMicrosoftInternet ExplorerMain
Value : Search Bar
Data : "http://www.websearch.com/ie.aspx"

Possible browser hijack attempt : SoftwareMicrosoftInternet ExplorerSearchSearchAssistantwww.websearch.com

ClientMan Object recognized!
Type : RegData
Data : "http://www.websearch.com/ie.aspx"
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwareMicrosoftInternet ExplorerSearch
Value : SearchAssistant
Data : "http://www.websearch.com/ie.aspx"


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwaremicrosoftwindowscurrentversionmoduleusageC:/WINDOWS/Downloaded Program Files/btiein.dll


Huntbar Object recognized!
Type : RegValue
Data : c:windowsdownloaded program filestiein.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : SoftwareMicrosoftWindowsCurrentVersionSharedDLLs
Value : C:WINDOWSDownloaded Program Filestiein.dll


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID{3C53010D-97BA-4650-84C5-1A6FAA31055E}


Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLSHandler
elatedlinks


Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 8
Objects found so far: 25


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Huntbar Object recognized!
Type : File
Data : btiein.dll
Object : C:WINDOWSSYSTEM32\nFileSize : 192 KB
FileVersion : 2.0.0.114
ProductVersion : 1.0.0.0
Created on : 6/4/2003 12:17:32 AM
Last accessed : 6/12/2003 4:00:00 AM
Last modified : 5/15/2003 6:35:10 PM



Huntbar Object recognized!
Type : File
Data : btiein.dll
Object : C:WINDOWSDownloaded Program Files\nFileSize : 192 KB
FileVersion : 2.0.0.114
ProductVersion : 1.0.0.0
Created on : 5/15/2003 6:35:10 PM
Last accessed : 6/12/2003 4:00:00 AM
Last modified : 5/15/2003 6:35:10 PM



Huntbar Object recognized!
Type : File
Data : ivwricno.wzg
Object : C:Program FilesCommon FilesBTLINK\nFileSize : 39 KB
Created on : 6/4/2003 12:20:16 AM
Last accessed : 6/12/2003 4:00:00 AM
Last modified : 6/4/2003 12:20:18 AM



Huntbar Object recognized!
Type : File
Data : btlink.dll
Object : C:Program FilesCommon FilesBTLINK\nFileSize : 276 KB
FileVersion : 1.0.0.541
ProductVersion : 1.0.0.0
Created on : 6/4/2003 10:46:02 AM
Last accessed : 6/12/2003 4:00:00 AM
Last modified : 5/15/2003 6:35:12 PM

Archived topic from Iceteks, old topic ID:869, old post ID:7517

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 11:41 am
by Chris Vogel
You should be able to quarantine those. You can always restore them if you needed them, so I would quarantine them and see what happens. :) Nothing should happen really. :) After they have been quarantined for a few days, I would delete them. :)

Archived topic from Iceteks, old topic ID:869, old post ID:7518

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 1:35 pm
by Wren
That's what I do and have had no problems. ;)

I have a program called CookieWall that helps to keep spyware off the system...it picks up every cookie and gives you options what to do with them. I seldom have spyware anymore. :)

Archived topic from Iceteks, old topic ID:869, old post ID:7519

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 2:32 pm
by Chris Vogel
it picks up every cookie and gives you options what to do with them.
Doesn't that get a bit annoying? :) Mozilla has that option, but I have never enabled it. I guess I should. :roflmao2: In the 1.4 branch of Mozilla, I would have more control over cookies, but I am not brave enough to use the 1.4 branch yet. B)

Archived topic from Iceteks, old topic ID:869, old post ID:7523

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 2:38 pm
by Wren
It's just one click to make your choice for the cookie. Not nearly as much trouble as trying to get spyware removed. I wouldn't be without it. ;) It caught Gator the other day, was glad to see that one popup so it could go into the kill file.

Archived topic from Iceteks, old topic ID:869, old post ID:7524

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 2:40 pm
by Chris Vogel
I guess I will enable Mozilla's cookie filters.... :)

Archived topic from Iceteks, old topic ID:869, old post ID:7525

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 3:03 pm
by Wren
Good idea. :)

Think I am going to have to unplug...thunder rumbling! :eek:

Archived topic from Iceteks, old topic ID:869, old post ID:7526

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 3:27 pm
by Red Squirrel
I just moved this to a more appropriate forum, could be considered "general" but more networking/internet. :)



Archived topic from Iceteks, old topic ID:869, old post ID:7531

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 3:35 pm
by Red Squirrel
Since it's all registry keys, you can also backup the whole registry (regedit / file / export) and go from there, if it does something bad, just open up the backup.

Once I deleted all my registry to see what happends... never try that. Simply put, windows won't reconize a .exe file. :roflmao2:

Archived topic from Iceteks, old topic ID:869, old post ID:7532

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 3:48 pm
by Chris Vogel
Once I deleted all my registry to see what happends... never try that. Simply put, windows won't reconize a .exe file.
I have always wanted to do that. :roflmao2: :roflmao2:

Archived topic from Iceteks, old topic ID:869, old post ID:7537

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:41 pm
by Chris Vogel
Red Squirrel wrote: I just moved this to a more appropriate forum, could be considered "general" but more networking/internet. :)
Oops... Sorry, Katina. :roflmao2:

Archived topic from Iceteks, old topic ID:869, old post ID:7542

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:43 pm
by Wren
It's my understanding, you don't change registry settings unless you know what you're doing. :eek:

Archived topic from Iceteks, old topic ID:869, old post ID:7543

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:46 pm
by katinamarie72
Do I put these in the "quarntine" or press the "next" button?

Archived topic from Iceteks, old topic ID:869, old post ID:7545

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:47 pm
by katinamarie72
ohh and the quartine box asks for a file name, do I just name it anything?..... :cry:

Archived topic from Iceteks, old topic ID:869, old post ID:7546

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:48 pm
by Chris Vogel
katinamarie72 wrote: Do I put these in the "quarntine" or press the "next" button?
Press the "next" button. :)

Archived topic from Iceteks, old topic ID:869, old post ID:7548

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:53 pm
by Wren
Just name it whatever so you can find it if need be. ;)

Archived topic from Iceteks, old topic ID:869, old post ID:7549

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 4:56 pm
by katinamarie72
ok..I did that and it said some objects could not be removed:
c:windowssystem32tiein.dll
c:program filescommon filestlinktlink.dll

do you think it didn't delete because I need this??..... :blink:

Archived topic from Iceteks, old topic ID:869, old post ID:7551

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 5:00 pm
by Wren
I don't know, kat, I've never had that happen. :eek:

Archived topic from Iceteks, old topic ID:869, old post ID:7552

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 5:04 pm
by katinamarie72
Wren wrote: I don't know, kat, I've never had that happen. :eek:
Thanks Wren......... ;) ..........boy doing this stuff makes me nervous.... :(

Archived topic from Iceteks, old topic ID:869, old post ID:7553

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 5:22 pm
by Red Squirrel
just backup whatever you do, and if you delete files, rename them to ".del" or something, and if you see everything works fine after a few days, just delete those files :)

Archived topic from Iceteks, old topic ID:869, old post ID:7557

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 5:24 pm
by Wren
I know what you mean. I saw the post at the other forum and this looks like it's going to be hard to get rid of. :angry:

Archived topic from Iceteks, old topic ID:869, old post ID:7558

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 6:24 pm
by Chris Vogel
katinamarie72 wrote: ok..I did that and it said some objects could not be removed:
c:windowssystem32tiein.dll
c:program filescommon filestlinktlink.dll

do you think it didn't delete because I need this??..... :blink:
Perhaps the files were in use, and maybe that is why they weren't deleted. :)

Archived topic from Iceteks, old topic ID:869, old post ID:7561

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 8:01 pm
by Wren
Sometimes those spyware files get embedded in the registry and have to be taken out manually. I saw the removal instructions...not an easy task! :blink:

Archived topic from Iceteks, old topic ID:869, old post ID:7564

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 8:03 pm
by Chris Vogel
Maybe to get rid of those ones that wouldn't delete, you might have to go into Safe Mode.

Can AdAware run in Safe Mode? I have never had to do it.... :blink: :grade11math:

Archived topic from Iceteks, old topic ID:869, old post ID:7566

I Need Help With Spyware!!

Posted: Thu Jun 12, 2003 8:30 pm
by Wren
I don't know if you can run Ad-aware in safe mode. It's been a long time since I had to use it...that was back when I had WinME.

Archived topic from Iceteks, old topic ID:869, old post ID:7572
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited