ALL PP F0 F1 F2 F3 R0 R1 N1 N2 N3 N4 O1 O2 O3 O4 O5 O6 O7 O8
O9 O10 O11 O12 O13 O14 O15 O16 O17 O18 O19 O20 O21 O22 O23 CHR FF
View MDO database (R1)
Showing entries 676 to 700 of 1011.
Go directly to page: 1 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 41
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://inet-pac.sabr...sabre-proxy.pac set by user Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://stlkc1svwsus....net/pacfile.pac set by user Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.comcast.net Set by user Windows ALL; discovered by nasdaq |
|
(Q) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local indicates that Internet Explorer will not use the proxy for all internal network addresses. Windows ALL; discovered by nasdaq |
|
(Q) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local; Could be related to malware Fix / Info: Fix only if you find traces of MySpace/FaceBook worm on the log. Read the link. http://miekiemoes.blogspot.com/2008/10/myspacefacebook-worm-causes-confusion.html Windows ALL; discovered by nasdaq |
|
(Q) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local Check if required. Could be associated with a Rogue Fakealert infection Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1; Set by user Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = Set by user Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost Do not remove. Windows ALL; discovered by nasdaq |
|
(U) R1 - HKCU\Software\Microsof\Internet Connection Wizard,ShellNext = http://qca10.hpwis.com/ Set by user Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://103.nowfind.biz/pps.php blocked by this hosts file. Adware NowFind. Fix / Info: HijackThis, AwAware tool http://www.mvps.org/winhelp2002/hosts.htm Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com Added by AntiSpyCheck a Rogue program. Fix / Info: Hijackthis http://www.bleepingcomputer.com/malware-removal/antispycheck Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://s-redirect.com/?a=2&b=n-glx-2 CoolWebSearch variant Fix / Info: Cwshredder tool http://xblock.com/product_show.php?id=930 Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://windiwsfsearch.com Redirects Google search to malware sites. Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://windowsisearch.com Trojan.Win32.Agent.aesw [Kaspersky Lab] http://www.threatexpert.com/report.aspx?md5=210c2d02a16de44735e50eccefe346e Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer\ Main,Start Page_bak = prosearching.com Adware-WinActive Fix / Info: HijackThis - AdAware tool http://vil.nai.com/vil/content/v_125025.htm Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60181 Related to the Crawler Toolbar. Read the link. http://www.systemlookup.com/CLSID/28542-ctbr_dll.html Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60280 Related to the Crawler Toolbar. Read the link. http://www.systemlookup.com/CLSID/28542-ctbr_dll.html Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60327 Related to the Crawler Toolbar. Read the link. http://www.systemlookup.com/CLSID/28542-ctbr_dll.html Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60426 Related to the Crawler Toolbar. Read the link. http://www.systemlookup.com/CLSID/28542-ctbr_dll.html Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60446 Related to the Crawler Toolbar. Read the link. http://www.systemlookup.com/CLSID/28542-ctbr_dll.html Windows ALL; discovered by nasdaq |
|
(O) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/ Read the link. http://vil.mcafeesecurity.com/vil/content/v_137764.htm Windows ALL; discovered by nasdaq |
|
(X) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa WinTools infection Fix / Info: See fix at the suggested URL http://spywareinfoforum.com/index.php?act=ST&f=6&t=48083 Windows ALL; discovered by nasdaq |
|
(U) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL set by user Windows ALL; discovered by nasdaq |
|
(U) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm Set by user Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.