View MDO database (O20)
Showing entries 26 to 50 of 79.
(L) O20 - HKU\S-1-5-19 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) From Microsoft. Reported by OTL log. Windows ALL; discovered by nasdaq |
(L) O20 - HKU\S-1-5-20 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) From Microsoft. Reported by OTL log. Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\fp4o03h3e.dll Look2Me infection. Fix / Info: L2mfix tool. http://www.geekstogo.com/forum/ISRVS_problem-t13336.html Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: aveula - C:\WINDOWS\repair\aveula.dll Trojan Agent. DJ Fix / Info: HJT and Virus/trojan removal programs. Windows ALL; discovered by nasdaq |
(L) O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll This program uses the Winlogon Notify key to automatically start. This key is used to run certain programs when specific actions occur such as computer starting up, a user logging in or logging off, or a computer shutting down. http://www.bleepingcomputer.com/startups/ComPlusSetup-9965.html Windows ALL; discovered by nasdaq |
(L) O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll "Digital Persona" which is who makes the fingerprint scanner I have connected to the computer. http://www.fbeej.dk/NewHJTEntries.htm Windows ALL; discovered by n |
(X) O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\lv6809jue.dll Check for VX2 infection. Fix / Info: L2MFIX tool http://forum.malwareremoval.com/viewtopic.php?t=1886 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: eetvpn - C:\WINDOWS\SYSTEM32\eetvpn.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: emul65 - C:\WINDOWS\SYSTEM32\emul65.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: f3dsl - C:\WINDOWS\SYSTEM32\lsd_f3.dll PWSteal.Banker.B is a Trojan horse that attempts to steal financial information. It also has a limited backdoor functionality Fix / Info: HJT and Virus/trojan removal programs. http://securityresponse.symantec.com/avcenter/venc/data/pwsteal.banker.b.html Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\k8440ihqe84e0.dll Look2Me infection. Fix / Info: L2mfix tool. http://www.techsupportforum.com/computer/topic/51416-1.html Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: ipvss - C:\DOCUME~1\Su\LOCALS~1\Temp\ssvpi.dat Suspect Elite ToolBar infection. Fix / Info: HijackThis, delete file, Malware removal tool. Windows ALL; discovered by nasdaq |
(L) O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Common Files\Mediafour\MacDriveiTunesPatch.dll MacDrive 6 for Windows is the perfect solution for accessing any Mac-formatted disk on your Windows PC. http://www.mediafour.com/ Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: msvctapi - C:\WINDOWS\Web\msvctapi.dll Related to a random name trojan. Windows ALL; discovered by Nasdaq |
(X) O20 - Winlogon Notify: netdll - C:\WINDOWS\inf\netdll.dll Troj/Agent-DJ is capable of spying on a user's browsing habits, modifying Internet Explorer settings, downloading further executables and displaying popup advertisements. Fix / Info: HijackThis - Trojan/Virus removal tools http://www.sophos.co.uk/virusinfo/analyses/trojagentdj.html Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: odbclib - C:\WINDOWS\odbclib.dll Trojan - TROJ_AGENT.FZ Fix / Info: HJT and Virus/trojan removal programs. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FAGENT%2EFZ&VSect=T Windows ALL; discovered by Nasdaq |
(X) O20 - Winlogon Notify: policies - C:\WINDOWS\system32\t8r80i9ue8.dll VX2 infection. Fix / Info: LM2Fix tool. http://www.tech-forums.net/history/topic/43559-1.html Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: req - C:\WINNT\system32\req.dat (file missing) Troj/ConHook-B is a Trojan for the Windows platform. Fix / Info: HJT and Virus/trojan removal programs. http://www.sophos.com/virusinfo/analyses/trojconhookb.html Windows ALL; discovered by Nasdaq |
(X) O20 - Winlogon Notify: rmk8ot - C:\WINDOWS\SYSTEM32\rmk8ot.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: rxx5ot - C:\WINDOWS\SYSTEM32\rxx5ot.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: satad640 - C:\WINDOWS\SYSTEM32\satad640.dll Goldun variant Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: scsi2usb - C:\WINDOWS\SYSTEM32\scsi2usb.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: scsiusr4 - C:\WINDOWS\SYSTEM32\scsiusr4.dll Haxdoor variant. Fix / Info: Haxfix tool by Marckie http://spywareinfoforum.com/index.php?act=ST&f=6&t=66836 Windows ALL; discovered by nasdaq |
(X) O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\gp02l3do1.dll Look2Me VX2 infection. Fix / Info: Use the L2Mfix http://spywareinfoforum.com/index.php?act=ST&f=6&t=39262 Windows ALL; discovered by Nasdaq |
(X) O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll Trojan.Downloader.Delf.H Fix / Info: See removal instructions at the link below. http://spywareinfoforum.com/index.php?act=ST&f=6&t=65518 Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.