|
Spyware File Details R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html Last Detected: 10/29/2006 10:30:00 AM Found on 4 PCs. Users with this object complained of the following: "%systemroot%\system32\dumprep 0 -k shuts down computer and dumps files in cache" "Computer is suddenly so slow it often times out before a screen can change. Some programs will not respond at all" "ALWAYS SHUT DOWN BECAUSE OF SPYWARE" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.isp.com/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/ (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/ (More Details) O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll (More Details) O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll (More Details) O2 - BHO: Burn4Free Toolbar Helper - {F8E5CA21-C27B-43e7-B2BE-4CA93C9F9A1F} - C:\Program Files\Burn4Free Toolbar\v2.0.0.3\Burn4Free_Toolbar.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&lc=0409&s=search&i=enu (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&lc=0409&s=search&i=enu (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer (More Details) O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/linksearch (file missing) (More Details) O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/hostsearch (file missing) (More Details) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) (More Details) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab (More Details) O15 - Trusted Zone: http://*.billingnow.com (More Details) O15 - Trusted Zone: http://*.reliablestats.com (More Details) O15 - Trusted Zone: http://*.winantispyware.com (More Details) O15 - Trusted Zone: http://*.winantivirus.com (More Details) O15 - Trusted Zone: http://*.winantiviruspro.com (More Details) O15 - Trusted Zone: http://*.winnanny.com (More Details) O15 - Trusted Zone: http://*.winsoftware.com (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) O4 - Startup: PowerReg SchedulerV2.exe (More Details) O23 - Service: TQHMBEETORCJ - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\TQHMBEETORCJ.exe (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
