HijackRemote.com - Spyware Details: O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

Clean This with HijackRemote

Spyware File Details

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

Last Detected: 1/29/2006 2:24:00 AM
Found on 3 PCs.

Users with this object complained of the following:

"Computer Name : ILKER User Name : $!W$£K Windows Ver : Windows XP 5.1.2600 Service Pack 2 Windows Language : Türkçe Windows Path : C:\WINDOWS System Path : C:\WINDOWS\system32 Temp Path : C:\DOCUME~1\$!W$K~1\LOCALS~1\TempProductId : 55894-OEM-0014351-49821 Workgroup : NO Data : 09.01.2006 Time : 22:28:45 Pc is open for : 0 Hour(s) 1 Minute(s) Resolution : 1280x720 I.Explorer Ver : 6.0.2900.2180 I.E. Start Page : about:blank Printer : NO Processor Name : Vendor Identifier: GenuineIntel Identifier : x86 Family 6 Model 8 Stepping 1 CPU Speed : 601 Mhz "
"Slow pc"
"popups"

PCs containing this item also contained the following spyware:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qqffzrmdklsocduobkqerpl.com/3akFo8Y/h2_/0UklwN/JfZ61ZrtxETvgPXCFZ8ztu/O5n8nSxQDPfFXFGDT6CD2h.asp
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeobrjehwerssdzodjvsipax.net/3akFo8Y/h29vGaeY7aYW1np66bB47i2I6L5hWgfn4HM.html
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Balantlar
(More Details)

O2 - BHO: (no name) - {834D0681-7E0B-4E8E-81C2-F0CA9AF4CE9B} - C:\DOCUME~1\xp\APPLIC~1\BLEHGL~1\upload iso.exe
(More Details)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
(More Details)

O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
(More Details)

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\tr-tr\msntb.dll
(More Details)

O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe"
(More Details)

O4 - HKCU\..\Run: [Style List] C:\DOCUME~1\xp\APPLIC~1\CDROMA~1\lite bags nurb.exe
(More Details)

O4 - Global Startup: BlueSoleil.lnk = ?
(More Details)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
(More Details)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
(More Details)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
(More Details)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
(More Details)

O2 - BHO: (no name) - {1689ACDE-3F41-4694-6BA1-16837DB8F8CB} - C:\WINDOWS\system32\nynbuol.dll (file missing)
(More Details)

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
(More Details)

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
(More Details)

O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
(More Details)

O4 - HKLM\..\Run: [Serviceprocess] CToolBar.exe
(More Details)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\Jccatch.dll
(More Details)

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
(More Details)

O8 - Extra context menu item: ? FlashGet U - C:\Program Files\FlashGet\jc_link.htm
(More Details)

O8 - Extra context menu item: ? FlashGet U - C:\Program Files\FlashGet\jc_all.htm
(More Details)

O16 - DPF: i.Game MJImpressHK - http://202.43.223.149/client/MJc/com/igame/MJImpressTest.cab
(More Details)

O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
(More Details)

Back to Spyware List

About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us