|
Spyware File Details R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com Last Detected: 10/29/2006 10:30:00 AM Found on 5 PCs. Users with this object complained of the following: "ALWAYS SHUT DOWN BECAUSE OF SPYWARE" "Computer is suddenly so slow it often times out before a screen can change. Some programs will not respond at all" "popup and winfixer" "movieland ad keeps popping up and won't go away" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com (More Details) O15 - Trusted Zone: http://*.billingnow.com (More Details) O15 - Trusted Zone: http://*.reliablestats.com (More Details) O15 - Trusted Zone: http://*.winantispyware.com (More Details) O15 - Trusted Zone: http://*.winantivirus.com (More Details) O15 - Trusted Zone: http://*.winantiviruspro.com (More Details) O15 - Trusted Zone: http://*.winnanny.com (More Details) O15 - Trusted Zone: http://*.winsoftware.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&lc=0409&s=search&i=enu (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&lc=0409&s=search&i=enu (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer (More Details) O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/linksearch (file missing) (More Details) O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/hostsearch (file missing) (More Details) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) (More Details) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c00&s=searchbar&LC=0409 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c00&s=searchbar&LC=0409 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Joi Internet (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100 (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn (More Details) O2 - BHO: (no name) - {1EF26A57-C61B-70E6-8756-64550DF2791E} - C:\WINDOWS\System32\ipljnzfl.dll (file missing) (More Details) O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINDOWS\System32\vtust.dll (More Details) O2 - BHO: (no name) - {54DB5E46-F6C7-976A-AD8B-C0274239DEAC} - C:\WINDOWS\System32\ayam.dll (file missing) (More Details) O2 - BHO: (no name) - {8EE1705B-8889-B97F-B06A-EEE52EBA54A4} - C:\WINDOWS\System32\sri.dll (file missing) (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com (More Details) O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) (More Details) O2 - BHO: posHelp Class - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - C:\PROGRA~1\ADVANC~1\Toolbar.dll (More Details) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) (More Details) O3 - Toolbar: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - C:\Program Files\Advanced Searchbar\Toolbar.dll (More Details) O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H (More Details) O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe" (More Details) O4 - HKCU\..\Run: [ares] C:\Program Files\Ares\Ares.exe -h (More Details) O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) O4 - Startup: PowerReg SchedulerV2.exe (More Details) O23 - Service: TQHMBEETORCJ - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\TQHMBEETORCJ.exe (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
