|
Spyware File Details O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k Last Detected: 9/25/2006 3:39:00 PM Found on 35 PCs. Users with this object complained of the following: "slow pc.popups,crash,blue screen" "I get critical error system warnings ,warnings about spyware on my system,spy axe downloads itself, constant harrassment from doogooders???I do not know" "slow " "the pc is slow but also has pop-ups from ad-first and some online poker site everytime you log onto the internet and the avoid pop-up blockers and don't show up in ad or remove programs. I have also run a variety of adware removers and they don't seem to work either." "trogens" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:0/proxy.pac (More Details) R3 - URLSearchHook: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (More Details) O2 - BHO: CRnPluginSite Object - {0050A87F-CF26-41AE-9C0A-C32307C941CB} - C:\WINDOWS\system32\rnieplug.dll (More Details) O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file) (More Details) O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (More Details) O2 - BHO: (no name) - {702EA91C-1ACF-4772-8078-18F2B2EE1031} - (no file) (More Details) O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k (More Details) O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) (More Details) O9 - Extra button: Advisor - {855FB496-F2D4-4BA6-B11D-BEA759394B4C} - C:\WINDOWS\System32\shdocvw.dll (HKCU) (More Details) O10 - Unknown file in Winsock LSP: c:\program files\trackzapper.com\tz spyware-remover\apptoport.dll (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = (More Details) O2 - BHO: HomepageBHO - {27150f81-0877-42e9-af13-55e5a3439a26} - C:\WINDOWS\system32\hpC6F9.tmp (More Details) O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll (More Details) O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h (More Details) O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll (More Details) O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (More Details) O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file) (More Details) O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll (More Details) O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file) (More Details) O4 - HKLM\..\Run: [ukphmaw] c:\winnt\system32\ukphmaw.exe ukphmaw (More Details) O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yfvzblowzoesgxol.com/hmNa92bjFc_3N7481k5Jnad0CMcXmbcZ8gHo/BUENNlWk_XDJp073OTonJhFMMIQ.htm (More Details) O1 - Hosts: 207.68.176.250 auto.search.msn.com (More Details) O1 - Hosts: 64.12.152.18 search.netscape.com (More Details) O2 - BHO: (no name) - {E714C353-37B0-3F62-A1F1-97C46CEC562A} - C:\DOCUME~1\Brad\APPLIC~1\HOLDMA~1\multi five.exe (More Details) O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (More Details) O4 - HKLM\..\Run: [requester] "C:\WINDOWS\system32\requester.11.exe" (More Details) O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (More Details) O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (More Details) O4 - HKLM\..\Run: [HideIcons] C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Temporary Directory 1 for Hideicons.zip\HideIcons.exe (More Details) O4 - HKCU\..\Run: [Advanced Spyware Remover] C:\ASRemover\Asr.exe (More Details) O4 - HKCU\..\Run: [Weather Pulse] E:\Program Files\Weather Pulse\weatherpulse.exe (More Details) O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
