|
Spyware File Details R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm Last Detected: 3/19/2006 11:58:00 AM Found on 15 PCs. Users with this object complained of the following: "constant adware on desktop,homepage---everywhere" "slow, browser control" "alot of pop ups comuter very slow unable to open email when going into my email links with in the mail wont work " "have spyware issues constant pop ups error messages at start up such as csrss.new.exe very slow computer also get a error message about my sub system being dos not sure what it is" "spyware, desktop background image changed to a screen that I cant change and it says there is spyware on the computer." PCs containing this item also contained the following spyware: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System\blank.htm (More Details) O20 - Winlogon Notify: Themes - C:\WINDOWS\system32\j62q0gf5e62.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = + (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 67.99.5.145:80 (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 (More Details) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) (More Details) O16 - DPF: Win32 Classes - (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/ie.aspx?tb_id=60124 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=60124 (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60124 (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60124 (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60124 (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60124 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = (More Details) R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll (More Details) O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s (More Details) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) (More Details) F3 - REG:win.ini: load=C:\WINDOWS\System32\lufajlvb\csrss.new.exe (More Details) F3 - REG:win.ini: run=C:\WINDOWS\System32\lufajlvb\csrss.new.exe (More Details) O1 - Hosts: 64.233.167.104 www.symantec.com (More Details) O1 - Hosts: 64.233.167.104 www.sophos.com (More Details) O1 - Hosts: 64.233.167.104 www.mcafee.com (More Details) O1 - Hosts: 64.233.167.104 www.viruslist.com (More Details) O1 - Hosts: 64.233.167.104 www.f-secure.com (More Details) R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL (More Details) O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll (More Details) O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (More Details) O3 - Toolbar: (no name) - {09C02180-3B46-4CD8-83FF-34DAF442BDEF} - (no file) (More Details) O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT (More Details) O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE (More Details) O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE (More Details) O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
