View MDO database (O4)
Showing entries 51 to 75 of 167.
Go directly to page: 1 2 3 4 5 6 7
(X) O4 - HKLM..Run: [[Win Xp] Personal Firewall] WinSyswal32.exe CWS Spyware!! Fix / Info: Task Manager, HijackThis, CWShredder, etc. may also require special tools yet to be developed http://www.spywareinfoforum.info/newsletter/archives/2005/aug7.php Windows ALL; discovered by Basementgeek |
(X) O4 - HKLM..RunServices: [microsft Updates] msupdate32.exe CWS Spyware!! Fix / Info: Task Manager, HijackThis, CWShredder, etc. may also require special tools yet to be developed http://www.spywareinfoforum.info/newsletter/archives/2005/aug7.php Windows ALL; discovered by Basementgeek |
(X) O4 - HKLM\..\Run: [*avmp3] C:\WINNT\Fonts\avmp3.exe Virtumonde/StopGuard infection Fix / Info: See fix at the suggested URL http://www.bleepingcomputer.com/forums/How_to_remove_Virtumonde_Stopguard_CATLEvents_TrojanVundo-t3494.html Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [*JAVAAD] C:\WINDOWS\APPPATCH\JAVAAD.EXE Virtumonde/StopGuard infection Fix / Info: See fix at the suggested URL http://www.bleepingcomputer.com/forums/How_to_remove_Virtumonde_Stopguard_CATLEvents_TrojanVundo-t3494.html Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [12C.tmp.exe] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\12C.tmp.exe 0 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(X) O4 - HKLM\..\Run: [12C.tmp] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\12C.tmp.exe 0 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(X) O4 - HKLM\..\Run: [15E.tmp.exe] C:\WINNT\TEMP\15E.tmp.exe 3 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(X) O4 - HKLM\..\Run: [15E.tmp] C:\WINNT\TEMP\15E.tmp.exe 3 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(X) O4 - HKLM\..\Run: [4.tmp.exe] C:\WINNT\TEMP\4.tmp.exe 0 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(X) O4 - HKLM\..\Run: [4.tmp] C:\WINNT\TEMP\4.tmp.exe 0 10001 Bube.d Fix / Info: Kaspersky anti-virus (30 day trial version if not already present) Windows ALL; discovered by Angoid |
(L) O4 - HKLM\..\Run: [@RegRunOnSecure] C:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe Related to RegRun Security Suite http://www.greatis.com/security/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [a332543369bd] C:\WINDOWS\system32\atrace34.exe CoolWebSearch Infection Fix / Info: HijackThis - CWShredder http://labs.paretologic.com/spyware.aspx?remove=Trojan/CWS%20Combo Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [aaLDSoftMon] C:\LDClient\SoftMon.EXE Related to LANDeskŪ Management Agent http://www.superadblocker.com/S/SOFTMON.EXE-1047.html Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [abasa5jrp] C:\WINDOWS\system32\abasa5jrp.exe ShopAtHome adaware. Fix / Info: HijackThis, delete file, AwAware tool http://www.superadblocker.com/A/ABASA5JRP.EXE-1975.html Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [ACUMon] "C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe" This is the client control and monitoring utility for my Cisco PCMCIA wireless LAN adapter. http://www.windowsstartup.com/wso/detail.php?id=3980 Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [AdvTray] C:\Program Files\Black White Box\bin\AdvTray.exe Black White Box delivers software that improves an organization's control and management of Information Systems (IS). http://bwbox.com/ Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [Anon2005] C:\Program Files\Anonymizer\Anon2005\Anon2005.exe Related to Anonymizer, Inc. Fix / Info: n/a http://www.anonymizer.com/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe Shop At Home Agent Application Components. Monitors your shopping and surfing habits and transmits them to a central server. Fix / Info: HijackThis, delete file, AwAware tool http://www.superadblocker.com/A/ABASA5JRP.EXE-1975.html Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [ATTFirewallChk] C:\WINNT\NFW-REG01.EXE NFW-REG01.EXE is from the Pitney Bowes firewall app. See remarks from user. http://spywareinfoforum.com/index.php?act=ST&f=18&t=52441 Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [BLINK2CC] C:\WINDOWS\twain_32\SiPix\SCBLINK2\BLINK2CC.exe Related to SiPix Digital camera. http://www.sipixdigital.com/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [BrowserBrand] C:\Program Files\ONLINE~1\XTRA\brand.exe On all logs checked on google this item is fixed. Fix / Info: HijackThis Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [ChrisTV Agent] "E:\Program Files\ChrisTV\ChrisTV_Agent.exe" Associated with Chris P.C. srl. http://www.chris-tv.com/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\Run: [Counter Strike: Source] CSS.exe Backdoor.Lanfilt.B Allows its creator unauthorized access to a compromised computer. Fix / Info: HJT and Virus removal programs. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lanfilt.b.html Windows ALL; discovered by nasdaq |
(L) O4 - HKLM\..\Run: [CpRmtKey] "C:\Program Files\TOSHIBA\Toshiba Controls\CpRmtKey.EXE" Dritek Multimedia HotKey Program http://www.superadblocker.com/C/CPRMTKEY.EXE-3764.html Windows ALL; discovered by nasdaq |
(U) O4 - HKLM\..\Run: [ExistFlag] o Brothers Ind. Garmen printer. http://www.siteadvisor.com/sites/brother-usa.com/downloads/32416171/ Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.