|
Spyware File Details O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) Last Detected: 5/3/2009 3:54:00 PM Found on 20 PCs. Users with this object complained of the following: "tcinstall.exe" "xxx" "spyware" "slow pc" "I have some problems with my computer. Sometimes it is working very slow. No pop-ups appear, but I thing that my system is infected" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local (More Details) F3 - REG:win.ini: load=C:\WINDOWS\system32\afthbwtp\winlogon.exe (More Details) F3 - REG:win.ini: run=C:\WINDOWS\system32\afthbwtp\winlogon.exe (More Details) O1 - Hosts: 1.1.1.1 f-secure.com (More Details) O1 - Hosts: 1.1.1.1 www.f-secure.com (More Details) O1 - Hosts: 1.1.1.1 ftp.f-secure.com (More Details) O1 - Hosts: 1.1.1.1 ftp.sophos.com (More Details) O1 - Hosts: 1.1.1.1 liveupdate.symantec.com (More Details) O1 - Hosts: 1.1.1.1 customer.symantec.com (More Details) O1 - Hosts: 1.1.1.1 dispatch.mcafee.com (More Details) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) (More Details) O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe (More Details) O4 - HKLM\..\Run: [dfg POPnCheck] C:\Documents and Settings\OPTIMAX\Desktop\popcheck-0.6\POPCheck.exe --MINIMIZE (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{50A125A0-54CF-4628-BB2E-6EE8A4112744}: NameServer = 85.114.32.7,85.114.32.8 (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{604DCD3F-C87F-4D27-B740-1490C8FE4C41}: NameServer = 85.114.32.7 85.114.32.7 (More Details) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (More Details) O4 - HKLM\..\Run: [netkitap_beta] C:\Program Files\NetKitap\netkitap_v2_0.exe (More Details) O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (More Details) O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe" (More Details) O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (More Details) O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (More Details) O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (More Details) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) (More Details) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) (More Details) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (More Details) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (More Details) O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (More Details) O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) (More Details) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) (More Details) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) (More Details) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
