|
Spyware File Details O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe Last Detected: 5/6/2006 4:06:00 PM Found on 11 PCs. Users with this object complained of the following: "Llots of pop-ups, occ. programs freezing, etc. Norton Antivirus says that one file - Windows\system32\rk.bin is a spyware, but gives me no info on how to remove it. Any help would be greatly appreciated. thanx" "popups" "slow pc" "slows" "the wallpaper describes my system is infected with spyware, i don't know how to fix it" PCs containing this item also contained the following spyware: O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) (More Details) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) (More Details) O3 - Toolbar: 180search Toolbar - {93CECBB2-6B1B-448D-91B9-72604EF70105} - C:\Program Files\180search Assistant Programs\180search Toolbar\180ST.dll (More Details) O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe (More Details) O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe (More Details) O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe (More Details) O20 - Winlogon Notify: jkkjh - C:\WINDOWS\system32\jkkjh.dll (file missing) (More Details) O3 - Toolbar: &Radyo - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx (More Details) O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART (More Details) O4 - Global Startup: BlueSoleil.lnk = ? (More Details) O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - (More Details) O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab (More Details) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) (More Details) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (More Details) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (More Details) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (More Details) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (More Details) O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll (More Details) O4 - HKLM\..\Run: [LoadQM] loadqm.exe (More Details) O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k (More Details) O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot (More Details) O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (More Details) O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (More Details) O1 - Hosts: 82.179.166.164 lender-search.com (More Details) O1 - Hosts: 82.179.166.165 hot-searches.com (More Details) O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.1.0\HbtHostIE.dll (More Details) O4 - HKLM\..\Run: [webrebates] "C:\Program Files\WebRebates4\webrebates.exe" (More Details) O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe (More Details) O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm (More Details) O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe (More Details) O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe (More Details) O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadsUnlimited/ie/bridge-c11.cab (More Details) O4 - HKLM\..\Run: [aa4,V?H?L??KC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [bO?]y-?] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (More Details) O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe (More Details) O8 - Extra context menu item: Download Using &BitSpirit - D:\Programefile2\BitSpirit\bsurl.htm (More Details) O8 - Extra context menu item: BitSpirit U - D:\Program Files2\BitSpirit\bsurl.htm (More Details) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (More Details) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) (More Details) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
