HijackRemote Anti-Spyware P2P Service

 
     
 
 Clean This with HijackRemote


Spyware File Details

 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti

Last Detected: 1/25/2006 9:29:00 AM
Found on 5 PCs.

 Users with this object complained of the following:

 "no problem"
"xxxxx xxxxx xxxxxx"
"Message error ibm00001.exe"
"trojian"


PCs containing this item also contained the following spyware:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.kenwoodusa.com/
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
(More Details)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TSI32\tsircusr.exe
(More Details)

O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Programmi\SlipStream Web Accelerator\PBHelper.dll
(More Details)

O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Programmi\Desktop Sidebar\sbhelp.dll
(More Details)

O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programmi\Advanced System Optimizer\IEHelper.dll
(More Details)

O3 - Toolbar: (no name) - {00000000-5736-4205-0008-781cd0e19f00} - (no file)
(More Details)

O3 - Toolbar: SlipStream Web Accelerator - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Programmi\SlipStream Web Accelerator\Toolband.dll
(More Details)

O4 - Startup: YPOPs!.lnk = C:\Programmi\YPOPs\ypops.exe
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sapienzaweisheit.com/sapienza/index.htm
(More Details)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sapienzaweisheit.com/sapienza/index.htm
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
(More Details)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
(More Details)

O3 - Toolbar: Cooxie - {DC99E960-6594-45e3-9D5D-141D825B8096} - F:\Programmi\Cooxie Toolbar\PrvcBand.dll
(More Details)

O4 - HKCU\..\Run: [Hot Keyboard] F:\Programmi\Hot Keyboard\HotKeyb.exe -minimized
(More Details)

O9 - Extra button: (no name) - {4B30061A-5D22-11D3-80F8-0090276F843F} - F:\WINDOWS\System32\shdocvw.dll
(More Details)

O17 - HKLM\System\CCS\Services\Tcpip\..\{1EDE1A13-831A-45E1-94D5-561C6D112F45}: NameServer = 193.70.152.15 193.70.152.25
(More Details)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/
(More Details)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
(More Details)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
(More Details)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
(More Details)

F2 - REG:system.ini: Shell=explorer.exe "C:\Programmi\File comuni\Microsoft Shared\Web Folders\ibm00001.exe"
(More Details)

O4 - HKCU\..\Run: [ibmmessages] C:\Programmi\IBM\Messages By IBM\ibmmessages.exe
(More Details)

O15 - Trusted Zone: www.redfunny.com
(More Details)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.micso.it/search
(More Details)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chs-italia.com/
(More Details)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.micso.net
(More Details)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.micso.it/search
(More Details)

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chs-italia.com/
(More Details)

O2 - BHO: IE SP2 AddOn - {80ECCB40-6561-4252-A7C0-E833499A2615} - blank (file missing)
(More Details)

O14 - IERESET.INF: START_PAGE_URL=http://www.micso.net
(More Details)
Back to Spyware List
 
     
 About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us
 HijackRemote ©2005 (Terms of Service)