View MDO database (O4)
Showing entries 126 to 150 of 167.
Go directly to page: 1 2 3 4 5 6 7
(L) O4 - HKLM\..\RunOnce: [SpyFlush] C:\PROGRAM FILES\SPYFLUSH\SPYFLUSH.exe Related to Newmitech. Spyware removal tool. http://www.spyflush.com/ Windows ALL; discovered by Nasdaq |
(L) O4 - HKLM\..\RunOnce: [SSCTL] C:\Program Files\SurfSecret\IC.exe SurfSecret Privacy Protector http://www.surfsecret.com/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 PUP.Optional.AppMaster.TskLnk - Adware Fix / Info: Malwarebytes https://forums.malwarebytes.com/topic/238070-removal-instructions-for-absoluteconverter/ Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\RunServices: [Counter Strike: Source] CSS.exe Backdoor.Lanfilt.B Allows its creator unauthorized access to a compromised computer. Fix / Info: HJT and Virus removal programs. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lanfilt.b.html Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\RunServices: [D3GI32.EXE] C:\WINDOWS\D3GI32.EXE CWS Fix / Info: HJT, CWShredder tool. Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\RunServices: [VID INTERNET WEB DRIVERS FOR WIN32] phqghu.exe Trojan.phqghu Fix / Info: HijackThis - Trojan/Virus removal tools http://research.sunbelt-software.com/threat_display.cfm?name=Trojan.phqghu&threatid=40240 Windows ALL; discovered by nasdaq |
(X) O4 - HKLM\..\RunServices: [Wireless Conections] WireConnect.exe WORM_SDBOT.AQS This memory-resident worm spreads by dropping copies of itself in certain network shares. Fix / Info: HJT and Virus/trojan removal programs. http://www.trendmicro-middleeast.com/smb/security_info/ve_detail.php?id=85735&VName=WORM_SDBOT.AQS&VSect=O Windows ALL; discovered by nasdaq |
(L) O4 - Startup: AutoFSB.lnk = C:\Program Files\8rdavcore\8rdavcore.exe Master Board Monitoring software. http://www.hasw.net/ Windows ALL; discovered by nasdaq |
(L) O4 - Startup: BBCTicker.lnk = C:\Program Files\BBC Ticker\BBCTicker.exe BBC News Ticker http://www.bbc.co.uk/newsline/index.shtml Windows ALL; discovered by Andy Veal |
(U) O4 - Startup: BWMeter.lnk = C:\Program Files\BWMeter\BWMeter.exe BW Meter is an internet and connection bandwidth meter that logs your internet traffic and bandwidth usage. http://www.windowsstartup.com/wso/detail.php?id=4149 Windows ALL; discovered by nasdaq |
(N) O4 - Startup: C:\Documents and Settings\NINA\Start Menu\Programs\Startup\PowerReg Scheduler.exe () PowerReg SchedulerV2 not required at startup http://www.file.net/process/powerreg%20schedulerv2.exe.html Windows ALL; discovered by nasdaq |
(X) O4 - startup: csrss.lnk = ? Added by the W32.Chod.D malware. The \wfxcom\ folder is a random filename. Fix / Info: Use the tool/fix found at the link below. http://spywareinfoforum.com/index.php?act=ST&f=6&t=67187 Windows ALL; discovered by nasdaq |
(L) O4 - Startup: CVFTPD~A.lnk = D:\cvftpDashFormat.exe Related to Gateway Ticketing Systems, Inc. http://www.gatewayticketing.com/ Windows 2K; discovered by nasdaq |
(L) O4 - Startup: D-link AirPlus G DWL-G120 Wireless USB.lnk = C:\Program Files\D-link AirPlus G DWL-G120 Wireless USB\120UTIL.exe Related to D-Link Systems, Inc. http://www.dlink.com/ Windows ALL; discovered by nasdaq |
(L) O4 - Startup: D-Link Media Server.lnk = C:\Program Files\D-Link Media Server\MediaGUI.exe D-Link Media server. Allows access to your media files on your network. Fix / Info: NA Ref: http://www.greatis.com/appdata/a/m/mediagui.exe.htm 10Feb07 Windows ALL; discovered by Basementgeek |
(L) O4 - Startup: Desktop Application Director 9.LNK = D:\Corel\WordPerfect Office 2000\programs\dad9.exe Part of the WordPerfect Office 2000 software suite. http://www.superadblocker.com/D/DAD9.EXE-2095.html Windows ALL; discovered by nasdaq |
(X) O4 - Startup: DLHelperEXE.exe Downloader for Microgaming/Casino software - stealth installed Fix / Info: HijackThis - Trojan/Virus removal tools http://castlecops.com/startuplist-967.html Windows ALL; discovered by nasdaq |
(L) O4 - Startup: FaxTalk Communicator.lnk = C:\Program Files\FaxTalk Communicator\FTMain32.exe Related to Thought Communications http://www.faxtalk.com/ Windows ALL; discovered by Nasdaq |
(L) O4 - Startup: Fujitsu Quick Touch.lnk = C:\Program Files\Fujitsu\Fujitsu Quick Touch\AUVCore.exe Required and set by the application Windows ALL; discovered by nasdaq |
(L) O4 - Startup: IMsecure.lnk = F:\Program Files\Utilities\Zone Labs\IMsecure\IMsecure.exe Related to Zone Labs. ZoneAlarm Firewall. http://www.zonelabs.com/store/content/home.jsp Windows ALL; discovered by nasdaq |
(X) O4 - Startup: microsoftupdater.exe Unknown Malware. Fix / Info: HijackThis Windows ALL; discovered by nasdaq |
(X) O4 - Startup: MS_update_0610_KB72306.exe Added by a variant of the Rbot familly of trojan. Fix / Info: Use Andy manchesta's SDFix tool http://spywareinfoforum.com/index.php?act=ST&f=37&t=81454 Windows ALL; discovered by nasdaq |
(X) O4 - Startup: MY_C4D.jpg Added by a variant of the Rbot familly of trojan. Fix / Info: Use Andy manchesta's SDFix tool http://spywareinfoforum.com/index.php?act=ST&f=37&t=81454 Windows ALL; discovered by nasdaq |
(L) O4 - Startup: NYKO Gamepad Mapping Tools.lnk = C:\Program Files\NYKO\Gamepad Mapping Tools\ngpmap.exe Related to NYKO Technologies, Inc. replicate mouse and keyboard actions on the controller making it compatible with every computer game http://www.nyko.com/ Windows ALL; discovered by nasdaq |
(U) O4 - Startup: Personal Notepad.lnk = E:\Program Files\Personal Notepad\PersonalNotepad.exe Utililty used by user - Personal NotePad http://www.melchart.com/ Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.