View MDO database (ALL)
Showing entries 18226 to 18250 of 18323.
Go directly to page: 1 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733
(X) x64-IFEO: bpsvc.exe - tasklist.exe Reportedly bundled with third party software and installed without notice. http://www.systemlookup.com/search.php?type=filename&client=malwaresearch-chrome&search=bpsvc.exe Windows ALL; discovered by Nasdaq |
(X) x64-IFEO: browserdefender.exe - tasklist.exe Win32/bProtector.A http://www.systemlookup.com/search.php?type=filename&client=malwaresearch-chrome&search=browserdefender.exe Windows ALL; discovered by Nasdaq |
(X) x64-IFEO: browserprotect.exe - tasklist.exe Added without your concent by Babylon or Claro. http://www.systemlookup.com/search.php?type=filename&client=malwaresearch-chrome&search=browserprotect.exe Windows ALL; discovered by Nasdaq |
(L) x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe Microsoft Internet Explorer http://www.systemlookup.com/ActiveSetup/314-ieudinit_exe.html Windows ALL; discovered by Nasdaq |
(L) x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall Themes Setup Themes Setup Windows ALL; discovered by Nasdaq |
(L) x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U Windows Desktop Update http://www.systemlookup.com/ActiveSetup/404-regsvr32_exe_s_n_i_U_shell32_dll.html Windows ALL; discovered by Nasdaq |
(U) x64-mDefault_Page_URL = hxxp://acer.msn.com Set by user. Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 Content Indexer service http://support.microsoft.com/kb/947265 Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: DisableCurrentUserRun = dword:0 The function of this restriction is to disable the ability to run startup programs specified in the registry when Windows launches. 0 = enable run http://www.antalyatasarim.com/registry/sources/detail-876.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0 The function of this restriction is to disable the ability to run startup programs specified in the registry when Windows launches. 0 = enable run http://www.antalyatasarim.com/registry/sources/detail-876.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: DisableLocalMachineRun = dword:0 The function of this restriction is to disable the ability to run startup programs specified in the registry when Windows launches. 0 = enable run http://www.antalyatasarim.com/registry/sources/detail-876.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0 The function of this restriction is to disable the ability to run startup programs specified in the registry when Windows launches. 0 = enable run http://www.antalyatasarim.com/registry/sources/detail-876.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: EnableShellExecuteHooks = dword:1 May be set by a FBI Ransomware Infection Virus Registry Entries that should be removed. Check this out also : https://github.com/LRN/mimerun http://www.expertsupportnow.com/self-help-adware-and-spyware-removal/ Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: ForceActiveDesktopOn = dword:0 Add this setting to the registry to stop unauthorized users from locking machines from the Windows Security dialog box. Value Data: (0 = disabled, 1 = enabled) http://www.pctools.com/guides/registry/detail/264/ Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: HideClock = dword:0 The function of this setting is to remove the clock from the system tray on the taskbar. 0 = Show Clock http://www.pc1news.com/hiding-the-taskbar-clock-970.html Windows ALL; discovered by Nasdaq |
(L) x64-mPolicies-Explorer: NoActiveDesktop = dword:1 Prevents change to active desktop settings http://www.liutilities.com/products/registrybooster/tweaklibrary/tweaks/10015/ Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1 Restrict Changes to Active Desktop Settings http://www.pctools.com/guides/registry/detail/541 Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: NoDevMgrUpdate = dword:0 Default value. http://www.pctools.com/guides/registry/detail/1217/ Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoDFSTab = dword:0 Sets the Distributed File System Tab. http://www.pctools.com/guides/registry/detail/1095 Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoDriveAutoRun = dword:67108863 Using Group Policy Objects to hide specified drives. May have been set by an Administrator. Hides all drives http://support.microsoft.com/kb/231289 Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: NoDrives = dword:0 All drives appear in Windows explorer. http://technet.microsoft.com/en-us/library/cc938267.aspx Windows ALL; discovered by nasdaq |
(Q) x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:0 Disable = 0 May have been set by an administrator. http://www.computerperformance.co.uk/windows7/windows7_autoplay.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:16 You calculate the figure by summing: the hex values http://www.computerperformance.co.uk/windows7/windows7_autoplay.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:181 You calculate the figure by summing the hex values http://www.computerperformance.co.uk/windows7/windows7_autoplay.htm Windows ALL; discovered by Nasdaq |
(Q) x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:181 You calculate the figure by summing: the hex values http://www.computerperformance.co.uk/windows7/windows7_autoplay.htm Windows ALL; discovered by Nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.