|
Spyware File Details O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll Last Detected: 12/5/2006 2:47:00 AM Found on 6 PCs. Users with this object complained of the following: "still getting spywareaxe comming up on my desktop. Cant log on to web sites that I use to be able to log on, like my online banking." "there are a lot of popups when i'm surfing the net with IE.....like "adultfriendfinders.com"...and some gambling sites....." "hijack" PCs containing this item also contained the following spyware: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file) (More Details) O4 - HKLM\..\Run: [CMLoader] rundll32.exe "c:\program files\crystalys media\cm.dll",MakeInjection (More Details) O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe (More Details) O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h (More Details) O4 - HKLM\..\Run: [SpywareStrike] C:\Program Files\SpywareStrike\SpywareStrike.exe /h (More Details) O4 - HKLM\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s (More Details) O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\nirdnr.exe reg_run (More Details) O4 - HKLM\..\Run: [zango] c:\program files\zango\zango.exe (More Details) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (More Details) O2 - BHO: (no name) - {26115CAF-42F0-5F31-6952-24C986F0F98F} - (no file) (More Details) O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe (More Details) O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYHK_ZBzeb032YYHK (More Details) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab (More Details) O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab (More Details) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll (More Details) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll (More Details) O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE (More Details) O1 - Hosts: 232.79.9.62 avp.com (More Details) O1 - Hosts: 190.14.16.121 ca.com (More Details) O1 - Hosts: 212.45.164.28 customer.symantec.com (More Details) O1 - Hosts: 75.161.168.80 dispatch.mcafee.com (More Details) O1 - Hosts: 20.156.244.248 download.mcafee.com (More Details) O1 - Hosts: 143.5.164.115 downloads1.kaspersky-labs.com (More Details) O1 - Hosts: 129.177.197.7 downloads2.kaspersky-labs.com (More Details) O1 - Hosts: 181.88.77.116 downloads3.kaspersky-labs.com (More Details) O1 - Hosts: 45.139.225.56 downloads4.kaspersky-labs.com (More Details) O1 - Hosts: 169.186.198.227 downloads-eu1.kaspersky-labs.com (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Larry's Internet (More Details) O1 - Hosts: 84.40.19.242 gateway.dtnet.com (More Details) O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (More Details) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (More Details) O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsm8EB.dll (More Details) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (More Details) O2 - BHO: IRiras Class - {95C60327-8E17-44D6-98EB-7EB70CC606DD} - C:\WINDOWS\system32\iraspooa.dll (file missing) (More Details) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (More Details) O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (More Details) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
