|
Spyware File Details O4 - HKLM\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s Last Detected: 4/2/2006 8:43:00 PM Found on 6 PCs. Users with this object complained of the following: "maleware and spy ware" "Can't get rid of "Vcodec" using spybot. Still have "SypwareStrike 2.5" on my machine and can't get rid of it too. My windows firewall keeps getting shut off. TIA" "Can't get rid of the following programs using uninstall- Spy Axe or Spyware Strike. They keep re-installing themselfs. WANT THEM GONE. PLEASE HELP. TIA" PCs containing this item also contained the following spyware: R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost (More Details) F3 - REG:win.ini: run=C:\WINDOWS\inet20001\winlogon.exe (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hpE1B5.tmp (More Details) O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file) (More Details) O3 - Toolbar: CM Band - {159C2E51-9823-11D2-8DDC-D84A1B4ACD4D} - C:\Program Files\Crystalys media\cm.dll (More Details) O4 - HKLM\..\Run: [abu] abu.exe (More Details) O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20001\winlogon.exe (More Details) R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch (More Details) O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp8FB9.tmp (More Details) O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (More Details) O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u (More Details) O4 - HKLM\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe /s (More Details) O2 - BHO: International - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hpE6A6.tmp (More Details) O4 - HKLM\..\Run: [Optimum Online] C:\Program Files\Optimum Online\Netsurf.exe -tray (More Details) O4 - HKLM\..\Run: [SpywareStrike] C:\Program Files\SpywareStrike\SpywareStrike.exe /h (More Details) O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h (More Details) O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20001\winlogon.exe (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\WINDOWS\blank.mht (More Details) F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\kernels64.exe (More Details) F3 - REG:win.ini: run=C:\WINDOWS\inet20001\services.exe (More Details) O2 - BHO: C:\WINDOWS\system32\st3.dll - {1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5} - C:\WINDOWS\system32\st3.dll (More Details) O2 - BHO: C:\WINDOWS\adsldpbe.dll - {7507739F-BC2E-4DC3-B233-816783C25DC9} - C:\WINDOWS\adsldpbe.dll (More Details) O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - C:\WINDOWS\System32\apwiz.dll (More Details) O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} - C:\WINDOWS\system32\zolker011.dll (More Details) O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} - C:\WINDOWS\system32\ztoolb011.dll (More Details) O3 - Toolbar: ZToolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\WINDOWS\system32\ztoolb011.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q= (More Details) F2 - REG:system.ini: Shell= (More Details) O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) (More Details) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) (More Details) O4 - HKCU\..\Run: [WindowsUpdateNT] C:\WINDOWS\System\svwhost.exe (More Details) O21 - SSODL: upRPfIkkpW - {4CF2B954-E658-13FE-8FC6-AEE8700F5F7C} - blank (file missing) (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
