|
Spyware File Details O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe Last Detected: 6/2/2006 1:11:00 PM Found on 5 PCs. Users with this object complained of the following: "I am new to this program, but at the moement i am having issues with my Yahoo and MSN messenger ,... like i can't see the person online though she is online on the other end and the weird part is i can chat with her only if she sends me a message" "popups..." "Over the last few weeks, I have had browser problems ( I use Firefox primarily--also via Netscape-- and IE Explorer). I keep losing contact with Google although the link and browser are still functioning. I also got error reports from Firefox that it could not contact the server and needed to close down. This also happened with Thunderbird. I tried uninstalling and re-installing both programmes to no avail and visited several XP restore points. Thus I have been using Microsoft Explorer and mail and the former has also lost server contact. My AVG anti-virus scan listed four instances of ExploitWMF and eight of Java/ByteVerify. The former are now in the Vault, the latter are apparently fairly harmless. However, when I ran another anti-virus test (XoftSpy) it briefly noted that my browser may have been hijacked. It found only 18 innocuous trackers and no viruses or trojans. However, I cleared the Java plug-in cache and un-enabled caching to stop any further Java/ByteVerify arrivals. " "unwanted popups" "Hack" PCs containing this item also contained the following spyware: O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tportal.hr/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tportal.hr/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.t-com.hr/cd-rom/update/?max=201 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = T-Com Internet Explorer (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost (More Details) O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe (More Details) O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe (More Details) O14 - IERESET.INF: START_PAGE_URL=http://www.tportal.hr/ (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{4E224F64-6C00-413A-B7F8-36A5C3DF1EBC}: NameServer = 195.29.150.3 195.29.150.4 (More Details) O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (More Details) O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper (More Details) O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (More Details) O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k (More Details) O2 - BHO: (no name) - {75851442-D9A0-A756-804C-AE1851DFCB98} - C:\WINDOWS\system32\waxpjlz.dll (file missing) (More Details) O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) (More Details) O3 - Toolbar: (no name) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - (no file) (More Details) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (More Details) O4 - HKCU\..\Run: [Mruynyvv] C:\WINDOWS\system32\w?crtupd.exe (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm (More Details) O4 - HKLM\..\Run: [RAMDef] C:\Program Files\RAM Def\ramdef.exe -tray (More Details) O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe (More Details) O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe (More Details) O4 - HKCU\..\Run: [SpyDefense] C:\Program Files\Everest Labs\Spydefense\sdc.exe /service (More Details) O11 - Options group: [INTERNATIONAL] International* (More Details) O14 - IERESET.INF: START_PAGE_URL=http://www.insightbb.com (More Details) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
