|
Spyware File Details O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) Last Detected: 1/11/2007 11:59:00 AM Found on 21 PCs. Users with this object complained of the following: "slow,infected files" "trojan" "have virtumonde.gen and cant rid it...also still have winfixer popups......help" "popups and a couple of running processes that i can not control " "slow pc" PCs containing this item also contained the following spyware: R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\DOCUME~1\Andreea\LOCALS~1\Temp\se.dll/space.html (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = mariuschitoiu@msn.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\OOBE\BLANK.HTM (More Details) O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - D:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (More Details) O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - D:\Program Files\ClickNet Accelerator\prpl_IePopupBlocker.dll (More Details) O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - D:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll (More Details) O2 - BHO: (no name) - {DEBD20D6-5921-4E51-A6E9-1AD0243F91DF} - blank (file missing) (More Details) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx (More Details) O4 - HKLM\..\Run: [Microsoft Works Update Detection] D:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe (More Details) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll (More Details) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) (More Details) O2 - BHO: ATLDistrib Object - {93C6313C-9DB4-4694-8BD0-E378C573A9AD} - C:\WINDOWS\system32\gebcb.dll (More Details) O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - C:\WINDOWS\system32\smiehlp.dll (More Details) O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (More Details) O20 - Winlogon Notify: gebcb - C:\WINDOWS\system32\gebcb.dll (More Details) F3 - REG:win.ini: run=C:\WINDOWS\inet20003\services.exe (More Details) O2 - BHO: Lexico Toolbar - {11359F4A-B191-42d7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\lexbar.dll (More Details) O2 - BHO: Internet Explorer Web Content Guard - {1B77D30A-81C9-497A-8647-142F7511B1FB} - C:\DOCUME~1\JD\LOCALS~1\Temp\mediax.dll (More Details) O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\pipcpa.exe reg_run (More Details) O4 - Global Startup: ohoj.exe (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{21F2A0EB-50CC-4510-9C82-EAA14F907E5D}: NameServer = 216.167.161.35,216.167.161.36 (More Details) O17 - HKLM\System\CS1\Services\Tcpip\..\{21F2A0EB-50CC-4510-9C82-EAA14F907E5D}: NameServer = 216.167.161.35,216.167.161.36 (More Details) O17 - HKLM\System\CS2\Services\Tcpip\..\{21F2A0EB-50CC-4510-9C82-EAA14F907E5D}: NameServer = 216.167.161.35,216.167.161.36 (More Details) O20 - Winlogon Notify: Mixer - sndmixex.dl (file missing) (More Details) O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\ (More Details) O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (More Details) O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (More Details) O2 - BHO: posHelp Class - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - blank (file missing) (More Details) O3 - Toolbar: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - blank (file missing) (More Details) O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (More Details) O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (More Details) O4 - Global Startup: palstart.exe (More Details) O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS (More Details) O9 - Extra button: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - blank (file missing) (More Details) O9 - Extra 'Tools' menuitem: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - blank (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
