|
Spyware File Details O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) Last Detected: 3/5/2006 12:21:00 AM Found on 4 PCs. Users with this object complained of the following: "the wallpaper describes my system is infected with spyware, i don't know how to fix it" "partypoker.com, casino, sometimes 100 in an hour" PCs containing this item also contained the following spyware: O4 - HKLM\..\Run: [aa4,V?H?L??KC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [bO?]y-?] C:\WINDOWS\cmdfa.exe (More Details) O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe (More Details) O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (More Details) O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe (More Details) O8 - Extra context menu item: Download Using &BitSpirit - D:\Programefile2\BitSpirit\bsurl.htm (More Details) O8 - Extra context menu item: BitSpirit U - D:\Program Files2\BitSpirit\bsurl.htm (More Details) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (More Details) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) (More Details) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = (More Details) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (More Details) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (More Details) O16 - DPF: cpcScanner - http://www.crucial.com/controls/cpcScanner.cab (More Details) O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://stream10k.redhotnetworks.com/cabs/videox.cab (More Details) O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab?affiliate=wpvi (More Details) O16 - DPF: {2C1651EF-8827-11D6-91A2-00E02964E8E3} - http://www.adultoweb.com/dialershtml/dialerweb.cab (More Details) O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/160cd49ced6c980f81...RdxIE2.cab (More Details) R3 - URLSearchHook: (no name) - _{9E7D2425-5E63-5AA0-0751-D0227CF78991} - (no file) (More Details) O4 - HKLM\..\RunServices: [LSASS Authority] lshosts32.exe (More Details) O15 - Trusted Zone: http://click.getmirar.com (HKLM) (More Details) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) (More Details) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) (More Details) O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1116ff6a4d9...xIE601.cab (More Details) O20 - Winlogon Notify: Themes - C:\WINDOWS\system32\hrps0577e.dll (file missing) (More Details) O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm (More Details) R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://click-power.com/index1.html (More Details) R3 - URLSearchHook: (no name) - _{CD045A1D-E5A2-947E-F4F9-903BF3732793} - (no file) (More Details) O15 - Trusted Zone: *.elitemediagroup.net (More Details) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) (More Details) O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\fp0o03d3e.dll (file missing) (More Details) O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QW5kZXJzb24\command.exe (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
