|
Spyware File Details R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch Last Detected: 8/6/2006 3:35:00 PM Found on 5 PCs. Users with this object complained of the following: "Slow pc, window installer popsup,Homepage Changes,Host File Changes" "Browser Hijack, modem auto dialing, spy sniper popup every 2sec ,browser hijack recover pops up every 5 sec" "slow pc, freezes alot, slow internet" "Can't get rid of "Vcodec" using spybot. Still have "SypwareStrike 2.5" on my machine and can't get rid of it too. My windows firewall keeps getting shut off. TIA" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch (More Details) O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present (More Details) O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present (More Details) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present (More Details) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{9D4E194B-4706-47F3-9040-4057211F6636}: NameServer = 205.188.146.145 (More Details) O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = (More Details) O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (More Details) O8 - Extra context menu item: &Use webcow on this Page - C:\Documents and Settings\Freddy\Desktop\webcow.0.53.0039\wcie.iemenu.htm (More Details) O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm (More Details) F3 - REG:win.ini: run=C:\WINDOWS\inet20001\winlogon.exe (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp8FB9.tmp (More Details) O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file) (More Details) O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (More Details) O4 - HKLM\..\Run: [abu] abu.exe (More Details) O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20001\winlogon.exe (More Details) O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u (More Details) O4 - HKLM\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s (More Details) O2 - BHO: Mario Forever Toolbar Helper - {8036D4D7-AAD3-4793-AB49-329E437155A8} - C:\Program Files\Mario Forever Toolbar\v2.0.0.4\Mario_Forever_Toolbar.dll (More Details) O3 - Toolbar: Mario Forever Toolbar - {463DF6D5-BEC1-4d67-B217-59DB692DFC53} - C:\Program Files\Mario Forever Toolbar\v2.0.0.4\Mario_Forever_Toolbar.dll (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
