|
Spyware File Details R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen Last Detected: 1/25/2006 8:51:00 AM Found on 10 PCs. Users with this object complained of the following: "slow pc" "Very slow, after cleaning all inutile software still slow and hardly any capacity" "popups, strange icons on my desktop" "slow" "slow pc" PCs containing this item also contained the following spyware: R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen (More Details) O4 - Startup: Muis.lnk = C:\WINDOWS\system32\main.cpl (More Details) O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe (More Details) O4 - Global Startup: Monitor.lnk = ? (More Details) O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll (More Details) O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll (More Details) O15 - Trusted IP range: 193.58.81.70 (More Details) O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{3D2BFF40-3576-4C5C-A385-8EB16585AE69}: NameServer = 85.255.115.118,85.255.112.12 (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{464D92E4-5705-4E23-A6A9-65D4BCA3DCD7}: NameServer = 85.255.115.118,85.255.112.12 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://breedband.telenet.be/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://breedband.telenet.be (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=TraceRemoverPopupKiller:8100 (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local (More Details) O4 - HKLM\..\Run: [Traceless] "C:\Program Files\Traceless\traceless.exe" launch (More Details) O4 - Global Startup: BTTray.lnk = ? (More Details) O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm (More Details) O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe (More Details) O4 - HKLM\..\Run: [WinHound] C:\Program Files\WinHound\WinHound.exe (More Details) O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe (More Details) O20 - Winlogon Notify: browsela - C:\WINDOWS\system32\browsela.dll (file missing) (More Details) O20 - Winlogon Notify: msupdate - C:\WINDOWS\SYSTEM32\msupdate32.dll (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0413/bl8.asp (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.be (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0413/bl8.asp (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.be (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://breedband.telenet.be/ (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8100 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=2729 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=2729 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=2729 (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com* (More Details) O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts (More Details) O1 - Hosts: 82.179.166.164 lender-search.com (More Details) O1 - Hosts: 82.179.166.165 hot-searches.com (More Details) O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll (More Details) O4 - HKLM\..\Run: [NTCommLib3] C:\WINDOWS\System32\NTCommLib3.exe (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
