|
Spyware File Details R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost Last Detected: 4/2/2006 8:48:00 PM Found on 18 PCs. Users with this object complained of the following: "maleware and spy ware" "popups..." "Slow Pc" PCs containing this item also contained the following spyware: R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost (More Details) F3 - REG:win.ini: run=C:\WINDOWS\inet20001\winlogon.exe (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hpE1B5.tmp (More Details) O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file) (More Details) O3 - Toolbar: CM Band - {159C2E51-9823-11D2-8DDC-D84A1B4ACD4D} - C:\Program Files\Crystalys media\cm.dll (More Details) O4 - HKLM\..\Run: [abu] abu.exe (More Details) O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20001\winlogon.exe (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tportal.hr/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tportal.hr/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.t-com.hr/cd-rom/update/?max=201 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = T-Com Internet Explorer (More Details) O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe (More Details) O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe (More Details) O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe (More Details) O14 - IERESET.INF: START_PAGE_URL=http://www.tportal.hr/ (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{4E224F64-6C00-413A-B7F8-36A5C3DF1EBC}: NameServer = 195.29.150.3 195.29.150.4 (More Details) O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) (More Details) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) (More Details) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (More Details) O4 - HKLM\..\Run: [VTTimer] VTTimer.exe (More Details) O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe (More Details) O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" (More Details) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://uk.docs.yahoo.com/info/bt_side.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://www.yahoo.co.uk (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://www.yahoo.co.uk (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://uk.docs.yahoo.com/info/bt_side.html (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://www.yahoo.co.uk (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/cust...ymsgr6/uk/*http://www.yahoo.co.uk (More Details) O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain (More Details) O4 - HKLM\..\Run: [links] links.exe (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customi...su/ymsgr6/*http://www.yahoo.com (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi...sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank (More Details) O2 - BHO: (no name) - {17414e34-a2e1-483c-bdc5-b65f4cbc3efb} - C:\WINDOWS\system32\qrdjiksa.dll (More Details) O2 - BHO: (no name) - {4f98924b-ebe8-4d7d-92d6-e16652d0e067} - C:\WINDOWS\system32\tvqhxcyi.dll (More Details) O2 - BHO: (no name) - {b2fdb6bb-39a7-476b-8c6b-024054ec8c7b} - C:\WINDOWS\system32\tvqhxcyi.dll (More Details) O2 - BHO: (no name) - {c47cbb99-0476-47d5-9d57-5d745fbf8aeb} - C:\WINDOWS\system32\tvqhxcyi.dll (More Details) O2 - BHO: (no name) - {EBF4E835-207A-4144-ADDF-42A4F4BF9D0c} - C:\WINDOWS\system32\tvqhxcyi.dll (More Details) O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
