|
Spyware File Details O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab Last Detected: 1/29/2006 2:24:00 AM Found on 3 PCs. Users with this object complained of the following: "My computer has a message on the taskbar that says dangerous malware infection was detected on my PC. The system will download and int stall most efficient antimalware program to prevent data loss and your pvt information theft, click here to protect your computer from the biggest malware threats. If i click anywhere it opens spyware page wanting me to pay for this download. I have scanned with adaware, spybot and ran a virus scan. Cleaned up with add/remove programes yet this message still comes up. What is your advice please. Can u please help me. Thank you" "there are always a lot of popups when i'm surfing the internet...and the number of those popups seems to be more and more.....most of those popups are adveritsments like: http://www.cli-tone.com.hk.... they keep poping up.... if there's popup, i'll close it immediately,,, but it will pop up again after a short while.... beside the popups, sometimes, there are some new icons on the desktop..... but i didn't install them.....when i saw these icons, i'll delete them, but weeks later, they may appear in my desktop again.... i can't remember the names of those icons... they were like "my cellular"..."my casino"... and something like that" "popups" PCs containing this item also contained the following spyware: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/ (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.ninemsn.com.au/ (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\C\WINDOWS\system32\hp6543.tmp (More Details) O3 - Toolbar: (no name) - {54C44E5F-AEA9-458E-B33B-7936F2CB57F1} - (no file) (More Details) O4 - HKLM\..\Run: [WINDOWSflashbrg] C:\C\WINDOWS\sqldata1.exe (More Details) O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot (More Details) O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (More Details) O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab (More Details) O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.4.1.46/aces/aces-ob-assets.cab (More Details) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (More Details) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (More Details) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (More Details) O2 - BHO: (no name) - {26115CAF-42F0-5F31-6952-24C986F0F98F} - (no file) (More Details) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (More Details) O2 - BHO: (no name) - {7DD2A909-DF2E-5B69-3F6B-3F2F42256143} - C:\DOCUME~1\hk\APPLIC~1\SHIMMA~1\Adminnoun.exe (More Details) O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\Jccatch.dll (More Details) O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (More Details) O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (More Details) O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (More Details) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (More Details) O8 - Extra context menu item: ? FlashGet U - C:\Program Files\FlashGet\jc_link.htm (More Details) O8 - Extra context menu item: ? FlashGet U - C:\Program Files\FlashGet\jc_all.htm (More Details) O16 - DPF: i.Game MJImpressHK - http://202.43.223.149/client/MJc/com/igame/MJImpressTest.cab (More Details) O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
