View MDO database (O4)

Showing entries 51 to 75 of 167.

Go directly to page: 1 2 3 4 5 6 7

(X) O4 - HKLM..Run: [[Win Xp] Personal Firewall] WinSyswal32.exe
CWS Spyware!!
Fix / Info: Task Manager, HijackThis, CWShredder, etc. may also require special tools yet to be developed
http://www.spywareinfoforum.info/newsletter/archives/2005/aug7.php
Windows ALL; discovered by Basementgeek

(X) O4 - HKLM..RunServices: [microsft Updates] msupdate32.exe
CWS Spyware!!
Fix / Info: Task Manager, HijackThis, CWShredder, etc. may also require special tools yet to be developed
http://www.spywareinfoforum.info/newsletter/archives/2005/aug7.php
Windows ALL; discovered by Basementgeek

(X) O4 - HKLM\..\Run: [*avmp3] C:\WINNT\Fonts\avmp3.exe
Virtumonde/StopGuard infection
Fix / Info: See fix at the suggested URL
http://www.bleepingcomputer.com/forums/How_to_remove_Virtumonde_Stopguard_CATLEvents_TrojanVundo-t3494.html
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [*JAVAAD] C:\WINDOWS\APPPATCH\JAVAAD.EXE
Virtumonde/StopGuard infection
Fix / Info: See fix at the suggested URL
http://www.bleepingcomputer.com/forums/How_to_remove_Virtumonde_Stopguard_CATLEvents_TrojanVundo-t3494.html
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [12C.tmp.exe] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\12C.tmp.exe 0 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(X) O4 - HKLM\..\Run: [12C.tmp] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\12C.tmp.exe 0 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(X) O4 - HKLM\..\Run: [15E.tmp.exe] C:\WINNT\TEMP\15E.tmp.exe 3 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(X) O4 - HKLM\..\Run: [15E.tmp] C:\WINNT\TEMP\15E.tmp.exe 3 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(X) O4 - HKLM\..\Run: [4.tmp.exe] C:\WINNT\TEMP\4.tmp.exe 0 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(X) O4 - HKLM\..\Run: [4.tmp] C:\WINNT\TEMP\4.tmp.exe 0 10001
Bube.d
Fix / Info: Kaspersky anti-virus (30 day trial version if not already present)
Windows ALL; discovered by Angoid

(L) O4 - HKLM\..\Run: [@RegRunOnSecure] C:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe
Related to RegRun Security Suite
http://www.greatis.com/security/
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [a332543369bd] C:\WINDOWS\system32\atrace34.exe
CoolWebSearch Infection
Fix / Info: HijackThis - CWShredder
http://labs.paretologic.com/spyware.aspx?remove=Trojan/CWS%20Combo
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [aaLDSoftMon] C:\LDClient\SoftMon.EXE
Related to LANDesk® Management Agent
http://www.superadblocker.com/S/SOFTMON.EXE-1047.html
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [abasa5jrp] C:\WINDOWS\system32\abasa5jrp.exe
ShopAtHome adaware.
Fix / Info: HijackThis, delete file, AwAware tool
http://www.superadblocker.com/A/ABASA5JRP.EXE-1975.html
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [ACUMon] "C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe"
This is the client control and monitoring utility for my Cisco PCMCIA wireless LAN adapter.
http://www.windowsstartup.com/wso/detail.php?id=3980
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [AdvTray] C:\Program Files\Black White Box\bin\AdvTray.exe
Black White Box delivers software that improves an organization's control and management of Information Systems (IS).
http://bwbox.com/
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [Anon2005] C:\Program Files\Anonymizer\Anon2005\Anon2005.exe
Related to Anonymizer, Inc.
Fix / Info: n/a
http://www.anonymizer.com/
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe
Shop At Home Agent Application Components. Monitors your shopping and surfing habits and transmits them to a central server.
Fix / Info: HijackThis, delete file, AwAware tool
http://www.superadblocker.com/A/ABASA5JRP.EXE-1975.html
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [ATTFirewallChk] C:\WINNT\NFW-REG01.EXE
NFW-REG01.EXE is from the Pitney Bowes firewall app. See remarks from user.
http://spywareinfoforum.com/index.php?act=ST&f=18&t=52441
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [BLINK2CC] C:\WINDOWS\twain_32\SiPix\SCBLINK2\BLINK2CC.exe
Related to SiPix Digital camera.
http://www.sipixdigital.com/
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [BrowserBrand] C:\Program Files\ONLINE~1\XTRA\brand.exe
On all logs checked on google this item is fixed.
Fix / Info: HijackThis
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [ChrisTV Agent] "E:\Program Files\ChrisTV\ChrisTV_Agent.exe"
Associated with Chris P.C. srl.
http://www.chris-tv.com/
Windows ALL; discovered by nasdaq

(X) O4 - HKLM\..\Run: [Counter Strike: Source] CSS.exe
Backdoor.Lanfilt.B Allows its creator unauthorized access to a compromised computer.
Fix / Info: HJT and Virus removal programs.
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lanfilt.b.html
Windows ALL; discovered by nasdaq

(L) O4 - HKLM\..\Run: [CpRmtKey] "C:\Program Files\TOSHIBA\Toshiba Controls\CpRmtKey.EXE"
Dritek Multimedia HotKey Program
http://www.superadblocker.com/C/CPRMTKEY.EXE-3764.html
Windows ALL; discovered by nasdaq

(U) O4 - HKLM\..\Run: [ExistFlag] o
Brothers Ind. Garmen printer.
http://www.siteadvisor.com/sites/brother-usa.com/downloads/32416171/
Windows ALL; discovered by nasdaq

This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended to complement other legitimate online lists.