|
Spyware File Details O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab Last Detected: 5/1/2006 4:52:00 AM Found on 3 PCs. Users with this object complained of the following: "the wallpaper describes my system is infected with spyware, i don't know how to fix it" "pop-ups,slow,says that has detected 200+ viruses and that malicious spyware has been detected" "there are a lot of popups when i'm surfing the net with IE.....like "adultfriendfinders.com"...and some gambling sites....." PCs containing this item also contained the following spyware: O4 - HKLM\..\Run: [aa4,V?H?L??KC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [bO?]y-?] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe (More Details) O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (More Details) O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe (More Details) O8 - Extra context menu item: Download Using &BitSpirit - D:\Programefile2\BitSpirit\bsurl.htm (More Details) O8 - Extra context menu item: BitSpirit U - D:\Program Files2\BitSpirit\bsurl.htm (More Details) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (More Details) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) (More Details) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=desktop (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=presario&pf=desktop (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=presario&pf=desktop (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=desktop (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDBVt3B+BXausuvGJLE8j25NqLlfutzT6pM2We28iJn1enoZNmR1jice5zTRsR26rpShMAd03KjsBD2TQttreWRETS3hqFttbl6Lnr24tR18pck8Hxd7K3GL1Byx84ZEW2y/ehYAJD1hvVfG1q4zFmZgYedZFMARQ1xIcmwYFWI/A9HjhS2UwewvUskoF/PTwAWCgJyiIHaDRFX5T3fQRKrLCRCaCGfdyeMuX5khUVAIUF1F4AKTJs2rW073bFb9Tmg611PAVyTl1KhOa2+Vu6QqVuiWKf0kaqL7TQTpX7MaELUwm4K/SS3H1ALd4LpZ5bVCaYOpBT5zw= (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\System32\hpF43.tmp (More Details) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (More Details) O2 - BHO: (no name) - {26115CAF-42F0-5F31-6952-24C986F0F98F} - (no file) (More Details) O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe (More Details) O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYHK_ZBzeb032YYHK (More Details) O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab (More Details) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll (More Details) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll (More Details) O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
