|
Spyware File Details O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm Last Detected: 3/20/2006 1:24:00 PM Found on 15 PCs. Users with this object complained of the following: "%systemroot%\system32\dumprep 0 -k shuts down computer and dumps files in cache" "slow pc" "popup and virus" "someone has installed virtual components on my disk to track the information I send out of my computer on the internet. The words 'Patriot Act' come to mind." "spyware" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.isp.com/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/ (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/ (More Details) O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll (More Details) O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll (More Details) O2 - BHO: Burn4Free Toolbar Helper - {F8E5CA21-C27B-43e7-B2BE-4CA93C9F9A1F} - C:\Program Files\Burn4Free Toolbar\v2.0.0.3\Burn4Free_Toolbar.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=2729 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=2729 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=2729 (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com* (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen (More Details) O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts (More Details) O1 - Hosts: 82.179.166.164 lender-search.com (More Details) O1 - Hosts: 82.179.166.165 hot-searches.com (More Details) O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll (More Details) O4 - HKLM\..\Run: [NTCommLib3] C:\WINDOWS\System32\NTCommLib3.exe (More Details) O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe" (More Details) O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ? (More Details) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (More Details) O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab (More Details) O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx (More Details) O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab (More Details) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400010&utm_content=leftnav&utm_source=efc&utm_medium=bund&utm_campaign=efc0605 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400010&utm_content=leftnav&utm_source=efc&utm_medium=bund&utm_campaign=efc0605 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s (More Details) O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_98.dll (More Details) O2 - BHO: CM BHO - {6379A99A-9102-446C-A837-0623E1810D75} - C:\Program Files\Crystalys media\cm.dll (More Details) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (More Details) O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (More Details) O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll (More Details) O3 - Toolbar: CM Band - {159C2E51-9823-11D2-8DDC-D84A1B4ACD4D} - C:\Program Files\Crystalys media\cm.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://60.topnssearch.com/search.php?track=07&q=Spyware%20Remover (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
