|
Spyware File Details O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE Last Detected: 6/29/2006 4:01:00 PM Found on 12 PCs. Users with this object complained of the following: "Slow computer generally" "the pc is slow but also has pop-ups from ad-first and some online poker site everytime you log onto the internet and the avoid pop-up blockers and don't show up in ad or remove programs. I have also run a variety of adware removers and they don't seem to work either." "there is junk mail pop up, slow pc, error, etc." "Over the last few weeks, I have had browser problems ( I use Firefox primarily--also via Netscape-- and IE Explorer). I keep losing contact with Google although the link and browser are still functioning. I also got error reports from Firefox that it could not contact the server and needed to close down. This also happened with Thunderbird. I tried uninstalling and re-installing both programmes to no avail and visited several XP restore points. Thus I have been using Microsoft Explorer and mail and the former has also lost server contact. My AVG anti-virus scan listed four instances of ExploitWMF and eight of Java/ByteVerify. The former are now in the Vault, the latter are apparently fairly harmless. However, when I ran another anti-virus test (XoftSpy) it briefly noted that my browser may have been hijacked. It found only 18 innocuous trackers and no viruses or trojans. However, I cleared the Java plug-in cache and un-enabled caching to stop any further Java/ByteVerify arrivals. " PCs containing this item also contained the following spyware: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm (More Details) O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (More Details) O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yfvzblowzoesgxol.com/hmNa92bjFc_3N7481k5Jnad0CMcXmbcZ8gHo/BUENNlWk_XDJp073OTonJhFMMIQ.htm (More Details) O1 - Hosts: 207.68.176.250 auto.search.msn.com (More Details) O1 - Hosts: 64.12.152.18 search.netscape.com (More Details) O2 - BHO: (no name) - {E714C353-37B0-3F62-A1F1-97C46CEC562A} - C:\DOCUME~1\Brad\APPLIC~1\HOLDMA~1\multi five.exe (More Details) O4 - HKLM\..\Run: [requester] "C:\WINDOWS\system32\requester.11.exe" (More Details) O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto (More Details) O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k (More Details) O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (More Details) O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe (More Details) O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
