|
Spyware File Details O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll Last Detected: 5/25/2006 5:44:00 AM Found on 9 PCs. Users with this object complained of the following: "%systemroot%\system32\dumprep 0 -k shuts down computer and dumps files in cache" "spyware, virus" "alot of popups " "Slow pc, some popups, am using Spybot, Spyware Blaster & Adawar..." "i have a spyware infection" PCs containing this item also contained the following spyware: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/ (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.isp.com/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/ (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/ (More Details) O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll (More Details) O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll (More Details) O2 - BHO: Burn4Free Toolbar Helper - {F8E5CA21-C27B-43e7-B2BE-4CA93C9F9A1F} - C:\Program Files\Burn4Free Toolbar\v2.0.0.3\Burn4Free_Toolbar.dll (More Details) O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe (More Details) O4 - HKLM\..\Run: [srij] C:\WINDOWS\srij.exe (More Details) O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto (More Details) O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (More Details) O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (More Details) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (More Details) O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab (More Details) O17 - HKLM\System\CCS\Services\Tcpip\..\{EA41C3D6-9D1E-4E5B-8A14-F6A9D12E4B15}: NameServer = 196.25.255.3,196.25.255.34 (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gwwrsjszpaghpwzoffagxpcq.com/1LDwTjr_HtJs_fqr6V8Yo_6gPN2zZCgwq3j3UhhQQnmOUVvS8Ys1wQKUqQnl2LFO.html (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com/ (More Details) R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/ (More Details) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = (More Details) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Mr.Nokia Explorer (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9202 (More Details) R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = (More Details) O2 - BHO: SU Toolbar Helper - {D44BBB61-E17F-4AE6-A502-8D7E0B29E616} - C:\WINDOWS\DOWNLO~1\STUMBL~1.DLL (More Details) O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe (More Details) O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,7/McUpdatePortal.cab (More Details) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab (More Details) O16 - DPF: {95844941-7934-4693-92D9-8202EA7B20ED} - http://www.stumbleupon.com/stumble.cab (More Details) O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} - (More Details) O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe (More Details) R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/ (More Details) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 (More Details) O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Etomi\Plugins\RazaWebHook.dll (file missing) (More Details) O4 - HKLM\..\Run: [DI2] "C:\DOCUME~1\ANGUSB~1\LOCALS~1\Temp\27.exe\27.exe" (More Details) O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (More Details) O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm (More Details) O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm (More Details) O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm (More Details) O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm (More Details) O8 - Extra context menu item: Download with &Etomi - res://C:\Program Files\Etomi\Plugins\RazaWebHook.dll/3000 (More Details) Back to Spyware List |
||||||
| About HijackRemote | Recently Slayed Spyware | Message Board | Contact Us | ||||||
| HijackRemote ©2005 (Terms of Service) | ||||||
