|
Spyware File Details O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background Last Detected: 3/19/2009 12:45:00 PM Found on 9 PCs. Users with this object complained of the following: "errors" "have spyware issues constant pop ups error messages at start up such as csrss.new.exe very slow computer also get a error message about my sub system being dos not sure what it is" "internet popups (very annoying), "command service" & "network monitor" found. Also COOLWWWSearch" "very slow to start programs and open windows" "Slow startup and transitions" PCs containing this item also contained the following spyware: O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (More Details) O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (More Details) O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (More Details) O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (More Details) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) (More Details) O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (More Details) O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (More Details) O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (More Details) O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm (More Details) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) (More Details) F3 - REG:win.ini: load=C:\WINDOWS\System32\lufajlvb\csrss.new.exe (More Details) F3 - REG:win.ini: run=C:\WINDOWS\System32\lufajlvb\csrss.new.exe (More Details) O1 - Hosts: 64.233.167.104 www.symantec.com (More Details) O1 - Hosts: 64.233.167.104 www.sophos.com (More Details) O1 - Hosts: 64.233.167.104 www.mcafee.com (More Details) O1 - Hosts: 64.233.167.104 www.viruslist.com (More Details) O1 - Hosts: 64.233.167.104 www.f-secure.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr6/*http://www.yahoo.com (More Details) R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop (More Details) R3 - URLSearchHook: (no name) - - (no file) (More Details) R3 - URLSearchHook: (no name) - _{E1AE7B4B-BBAB-E754-ACDC-E3CB28E85DB4} - (no file) (More Details) R3 - URLSearchHook: (no name) - {E1AE7B4B-BBAB-E754-ACDC-E3CB28E85DB4} - C:\WINDOWS\system32\qtpbxoe.dll (More Details) O2 - BHO: (no name) - {E1AE7B4B-BBAB-E754-ACDC-E3CB28E85DB4} - C:\WINDOWS\system32\qtpbxoe.dll (More Details) O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll (More Details) O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing) (More Details) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (More Details) O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (More Details) O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (More Details) O4 - Global Startup: Wireless-G Notebook Adapter.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Gcc.exe (More Details) O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html (More Details) O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html (More Details) O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html (More Details) O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html (More Details) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (More Details) O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html (More Details) O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html (More Details) O4 - HKLM\..\Run: [nwiz] nwiz.exe /install (More Details) O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r (More Details) O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (More Details) O4 - HKLM\..\Run: [KeyAccess] C:\WINDOWS\keyacc32.exe (More Details) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (More Details) O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (More Details) O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (More Details) O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
