|
Spyware File Details O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe Last Detected: 2/17/2006 12:29:00 AM Found on 10 PCs. Users with this object complained of the following: "google home page " "popup" "2006-01-16,11:52:53 System Repair Engineer 2.0.12.350 (2.0 RC 1) Windows XP Professional - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vnculos (More Details) O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe (More Details) O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\yiqiwk.exe reg_run (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com (More Details) O4 - HKLM\..\Run: [Popup Blocker System9 Monitoring] PopUpBlocker9.exe (More Details) O4 - HKLM\..\Run: [MS Office1 Startup] OfficeGUI1.exe (More Details) O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe (More Details) O4 - HKLM\..\Run: [winsync] C:\WINNT\system32\ycyyii.exe reg_run (More Details) O4 - HKLM\..\RunServices: [Popup Blocker System9 Monitoring] PopUpBlocker9.exe (More Details) O4 - HKLM\..\RunServices: [MS Office1 Startup] OfficeGUI1.exe (More Details) O4 - Global Startup: pjpp.exe (More Details) O4 - HKLM\..\Run: [banmanpro] C:\windows\banmanpro.exe (More Details) O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://promo.dollarrevenue.com/webmasterexe/drsmartload117a.exe (More Details) O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\enl6l13s1.dll (More Details) O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\WWF1IFNhbmc\command.exe (More Details) O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (More Details) R3 - URLSearchHook: (no name) - {C4963B66-D089-AD55-F83D-F8EA1DCD7BC5} - C:\WINDOWS\system32\zirkhung.dll (More Details) F2 - REG:system.ini: Shell= (More Details) O2 - BHO: (no name) - {C4963B66-D089-AD55-F83D-F8EA1DCD7BC5} - C:\WINDOWS\system32\zirkhung.dll (More Details) O2 - BHO: (no name) - {D5529FD5-7337-0BE3-4347-5A50D6213392} - C:\WINDOWS\system32\besesjm.dll (file missing) (More Details) O4 - HKLM\..\Run: [enewsletterpro] C:\windows\enewsletterpro.exe (More Details) O4 - HKCU\..\Run: [Gqrkpzno] C:\WINDOWS\system32\??ool32.exe (More Details) O20 - Winlogon Notify: satdll - satdll.dll (file missing) (More Details) O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\ (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) Privacy Policy | ||||||
