19th March, 2006
New items - 218
- [blank] - X - svchost.exe
-
456655 - X - explorer.exe
-
(default) - X - rundll32.exe [path] Zykheptd.dll
-
*Windows [filename] Checker - X - [filename]
-
*WindowsAudio - X - systemupd.exe
-
.nvsvc - X - smss.exe
-
[3-4 random letters]Srv32 - X - [path to file]
-
[decimal number] - X - [path to worm]
-
[random character name] - X - [path to worm]
-
[trojan name] - X - svchost.exe
-
\SysInit - X - svchost.exe
-
Auto Update - X - svchost.exe
-
auto__antiav__key - X - antiav_exe.exe
-
AVStation premium - U - AVStation agent.exe
-
Biomenu - U - menusw.exe
-
Broadcom Wireless Manager UI - U - bcmntray.exe
-
Bron-Spizaetus - X - RakyatKelaparan.exe
-
Bron-Spizaetus-5118REPM - X - komodo-6321422.exe
-
Bron-Spizaetus-cfgmktoq - X - bbm-qotkmgfc.exe
-
Bron-Spizaetus-cfgmmnru - X - bbm-urnmmgfc.exe
-
BrowserUpdateSched - X - qwinnsap.exe
-
Ccao - X - regedit.exe
-
CGI Firewall Script - X - CGIAGENT.EXE
-
ClipSrv - X - CLIPBRD3D.EXE
-
command32 - X - command32.exe
-
Configuration Loader - X - IEXPLORE.EXE
-
Configuration Loader - X - svchost.exe
-
Console de Gerenciamento Microsoft - X - csrss.exe
-
ctfmon - X - msnmsgr.exe
-
ctfmon.exe - U - ctfmon.exe
-
cwcptray - U - cwcptray.exe
-
Debugger - X - explorer32dbg.exe
-
Debugger - X - iexplore_dbg.exe
-
DigiSrv - U - DigiSrv.exe
-
dKernel - X - dKernel.exe
-
dlmMgr - N - AdobeDownloadManager.exe
-
Domain Name Resolve Service - X - dnsresolver.exe
-
DriverModule - X - csrnvrt.exe
-
DropSpam Lifestyle - X - dslifestyle.exe
-
DsplObjects - X - windspl.exe
-
E06DXLRD_7604703 - U - EDICT.EXE
-
Entbloess 2 - U - Entbloess2.exe
-
e-Surveiller Station - X - estation.exe
-
explorer - X - explorer.exe
-
EXPLORER - X - EXPLORER.exe
-
explorer - X - explorer.exe
-
explorer.exe - X - explorer.exe
-
FilmLoop - U - FilmLoopService.exe
-
FirewallActivies - X - csrss.exe
-
F-Secure 2005 - X - svchost.exe
-
gimmygames - X - [path to trojan]
-
Hard drive Controller - X - hdcontroller.exe
-
hws - X - hws.exe
-
IDTemplates - X - IDTemplate.exe
-
IEXPLORE.EXE - X - [path to trojan]
-
IEXPLORE.EXE - X - goot.exe
-
Iexplorer - X - explorer.exe
-
intell321.exe - X - intell321.exe
-
Internat - X - [trojan filename]
-
internet - X - [trojan filename].exe
-
Internet Explorer Configuration - X - IEXPLORE.EXE
-
Internet Server - X - inetsrv.exe
-
ISBMgr.exe - U - ISBMgr.exe
-
JussDropUtility - U - JussDrop.exe
-
jxef1104 - X - jxef1104.exe
-
KernellApps32 - X - smss.exe
-
ksrlnhm - X - zxatgso.exe
-
lich - X - lich.exe
-
lk3h1 - X - [path to file]
-
Load Service - X - SvHost.exe
-
Local Authority Service - X - lsass.exe
-
login - X - [path to trojan]
-
Login - X - Login.exe
-
LsaManager - X - lsamgr.exe
-
Lsass - X - Lsass.exe
-
Lsass - X - Lsass.exe
-
MagicKeyboard - U - PreMKBD.exe
-
MDSA Sentinel X - X - smss.exe
-
Memory manager - X - himem32.exe
-
Microsoft - X - svchost.exe
-
Microsoft Internet Explorer - X - svchost.exe
-
Microsoft Office - X - microsoft.exe
-
Microsoft Word Profissional - X - csrss.exe
-
Microsoft Word Profissional - X - csrss.exe
-
mmemdrv - X - mmemdrv.exe
-
MoussaEvil - X - [path to file]
-
MovieM - X - lmovie.exe
-
MsAudio - X - explorer.exe
-
MsAudio - X - MsVM_STI.EXE RunDll32 cmicnfg.cpl, CMICtrlWnd
-
mspwr - U - PuXpMan2.exe
-
nano - X - svchost.exe
-
NC1565 - X - winntsrv -l -p10001 -d -e cmd.exe -L
-
Ndpldaemon - X - [path to trojan]
-
NoAdware4 - U - NoAdware4.exe
-
nternet Explorer - X - iexplore.exe
-
NvCpl32Deamon - X - nvcpl.exe
-
nvpatch - X - napatch.exe
-
nwisse - X - nwisse.exe
-
oe_drop_spam - X - oesrv.exe
-
oepsrv - U - oepsrv.exe
-
OPTMOUSEMOUSE - U - optmouse.exe
-
order_Shell - X - order_smey.exe
-
outlook - X - outlook.exe
-
PC Spy Keylogger - X - ToolKeylogger.exe
-
PDService.exe - U - pdservice.exe
-
PerfFont (Performance True Type Font) - X - perfont.exe
-
Performance - X - MyHeart.exe
-
Photoshop - X - svchost.exe
-
random - X - random.exe
-
recover.bmp.exe - X - Rundll.exe
-
RegEdit32 - X - RegEdit32.exe
-
Regmonitor - X - regmaping.exe
-
reseurce - X - svchost.exe
-
Runner - X - csrss.exe
-
Runner - X - lsass.exe
-
Runner - X - svchost.exe
-
Runtime Process - X - Csrss.exe
-
SDAutoLiveupdate - U - LiveUpdateSD.exe.exe
-
Second Copy 2000 - U - SecCopy.exe
-
SernellApp.pcx - X - csrss.exe
-
Service Host - X - svchost.exe
-
Service Host - X - svchost.exe
-
Service Process - X - smss.exe
-
Service Process - X - smss.exe
-
Service Process - X - svchost.exe
-
Services - X - svchost.exe
-
ServicesLoad - X - lsass.exe
-
Shedule Connection - X - arpo412.exe
-
Shell - X - svchost.exe
-
Shell32 - X - iexplore.exe
-
ShellRun32 - X - iexplore.exe
-
SiSRaid - U - SRaid.exe
-
smss - X - smss.exe
-
smss - X - smss.exe
-
SnoopFreeUI - U - SnoopFreeUI.exe
-
Socket Utility - X - socket.exe
-
Socket Utility - X - svchostz.exe
-
spoolsv - X - svchost.exe
-
SpyFighterMonitor - X - SpyFighter.exe
-
SpyFighterUpdate - X - AutoUpdate.exe
-
starter - X - iexplore.exe
-
startkey - X - CKOTS.exe
-
StartKey - X - pligde.exe
-
State Service - X - csrss.exe
-
Super X Desktop Version 3.4 - U - SXDesk.exe
-
SurfHelper - U - SurfHelp.exe
-
svchost - X - [path to explorer.exe]
-
svchost - X - rundll16.exe
-
Svchost - X - svchost.exe
-
svchost - X - svchost.exe
-
svchost - X - svchost.exe
-
svchost Netware Manager - X - svchost.exe
-
svchost.exe - X - [path to executeable]
-
svchost.exe - X - svchost.exe
-
SweetIM - N - SweetIM.exe
-
sysMett1 - X - explorer.exe
-
Sysqq - X - LSESS.exe
-
System Update - X - [path to trojan]
-
SystemGent - X - CVT.exe
-
SystemProcEvent - X - csrwnd.exe
-
T3Console - U - T3Console.exe
-
taskmgr - X - explorer.exe
-
TaskMrg - X - csrss.exe
-
Telnet - X - Telnet.exe
-
TheMonitor - X - [path to trojan]
-
tlntsvr - U - tlntsvr.exe
-
Tok-Cirrhatus-[4 random digits] - X - br[4 random digits]on.exe
-
Tok-Cirrhatus-1959 - X - br4941on.exe
-
Tok-Cirrhatus-1959sarc - X - sv711224030r.exe
-
Tok-Cirrhatus-2784 - X - br6591on.exe
-
Tok-Cirrhatus-2784 - X - smss.exe
-
TTrayp - N - VTtrayp.exe
-
TVTunerLib - U - TVTLInstTool.exe
-
UCmd - X - fallfour.exe
-
UnlockerAssistant - U - UnlockerAssistant.exe
-
Update - X - csrss.exe
-
Update - X - csrss.exe
-
Update - X - lsass.exe
-
Update - X - svchost.exe
-
upDpacketo - X - services.exe
-
VAIO Update 2 - U - VAIOUpdt.exe
-
VZRemoteCommander - U - AvRmtCtr.exe
-
wersds.exe - X - doriot.exe
-
windows - X - iexplore.exe
-
Windows - X - services.exe
-
Windows - X - smss.exe
-
windows - X - svchost.exe
-
Windows 2004 - X - csrss.exe
-
Windows Authority Service - X - lsass.exe
-
Windows Default Configuration - X - svchost.exe
-
Windows Defender - Y - MSASCui.exe
-
Windows IP Security - U - ipsec.exe
-
Windows Security Manager - X - svchost.exe
-
Windows Service Hosting - X - USERINIT.exe
-
Windows Services - X - iexplore.exe
-
Windows Stortup - X - svchost.exe
-
Windows System32 - X - explorer.exe
-
Windows_LowLevel_Security_Core - X - lsass.exe
-
WindowsAudio - X - systemupd.exe
-
WindowsDiskEvt - X - svcsvh32.exe
-
WindowsProtocolLog - X - lsadst.exe
-
Windowsupdate Service - X - csrss.exe
-
WinExec - X - Lsass.exe
-
WinFixer helper - X - wfxcwr.exe
-
WinFixer2006 - X - uwfx6.exe
-
Winlogon - X - lsass.exe
-
Winlogon - X - lsass.exe
-
WinMedia - X - [path to trojan]
-
winsockdriver - X - bot.exe
-
winsrv3 - X - services.exe
-
wintask32 - X - Jwintask.com
-
WinXP - X - csrss.exe
-
wpds.exe - X - wwnrot.exe
-
ws_d - X - ws32.exe
-
xp_system - X - services.exe
-
Ya Salam - X - NancyAjram.exe
-
ZincgrubInc - X - Lsass.exe
-
Zonealarm - X - iexplore.exe
Changed items - 85
- %FP%012-L2TP fts.exe (fts.exe) - Status (N) changed and description changed/updated
-
%FP%012-L2TP FWPortal.exe (FWPortal.exe) - Status (U) changed and description changed/updated
-
%FP%1776 Internet fts.exe (fts.exe) - Status (N) changed and description changed/updated
-
%FP%1776 Internet FWPortal.exe (FWPortal.exe) - Status (U) changed and description changed/updated
-
%FP%Barak013 fts.exe (fts.exe) - Status (N) changed and description changed/updated
-
%FP%Barak013 FWPortal.exe (FWPortal.exe) - Status (U) changed and description changed/updated
-
%FP%Friendly fts.exe (fts.exe) - Status (N) changed and description changed/updated
-
[random number] (explorer.exe) - Description changed/updated
-
_WinCheck (services.exe) - Description changed/updated
-
ABIT uGuru (uGuru.exe) - Description changed/updated
-
AdwareAlert (AdwareAlert.Exe) - Status (U) changed and description changed/updated
-
AlcxMonitor (Alcxmntr.exe) - Description changed/updated
-
Anti-Virus Update Scheduler ([path to trojan]) - Description changed/updated
-
ccreg (explorer.exe) - Description changed/updated
-
Disk Keeper ([path to trojan]) - Command and description changed
-
DNS ([worm filename]) - Command changed
-
EnsoniqMixer (starter.exe) - Hyperlink changed/updated
-
Explore (Explorer.exe) - Description changed/updated
-
Explorer lptt01 (explorer.exe) - Description changed/updated
-
Explorer ml097e (explorer.exe) - Description changed/updated
-
explorer.exe (explorer.exe) - Description changed/updated
-
golumm (services.exe) - Description changed/updated
-
IE configure (explorer.exe) - Description changed/updated
-
Kernel_check (wmiprvse.exe) - Description changed/updated
-
key2 (winlog.exe) - Description changed/updated
-
klp (explorer.exe) - Description changed/updated
-
load (explorer.exe) - Description changed/updated
-
Loadab1 (explorer.exe) - Description changed/updated
-
loadMecq0 (explorer.exe) - Description changed/updated
-
loadMect1 (explorer.exe) - Description changed/updated
-
MicroCQ0 (explorer.exe) - Description changed/updated
-
Microsoft Automatic Updater (Explorer.exe) - Description changed/updated
-
Microsoft Service (rundll.exe) - Description changed/updated
-
Microsoft Synchronization Manager (explorer.exe) - Description changed/updated
-
Microsoft Update 32 (explorer.exe) - Description changed/updated
-
MMB2 (explorer.exe) - Description changed/updated
-
MonitorSD (SDMonitor.exe.exe) - Status (U) changed and description changed/updated
-
MSIMN32 (MSIMN32.EXE) - Description changed/updated
-
MSOffice (services.exe) - Description and hyperlink changed/updated
-
NeroCheck (regedit.exe) - Description changed/updated
-
Network Service (svchost.exe) - Description changed/updated
-
NoAdware (NoAdware.exe) - Description changed/updated
-
NoAdware3 (NoAdware3.exe) - Description changed/updated
-
NvCpl (NvCpl.EXE) - Status (X) changed
-
print sharing ([path] hidden32.exe [path] explorer.exe) - Description changed/updated
-
Program in Windows (iexplore.exe) - Description changed/updated
-
Protected Storage (RUNDLL32.EXE MSSIGN30.DLL ondll_reg) - Description changed/updated
-
regedit (regedit.exe) - Description changed/updated
-
RunDll (rundll.exe) - Description changed/updated
-
RundllSvr (Rundll.exe) - Description changed/updated
-
SDAutoLiveupdate (LiveUpdateSD.exe.exe) - Status (U) changed and description changed/updated
-
shell (explorer.exe) - Description changed/updated
-
Shell (Explorer.exe sound_drive16.exe) - Description changed/updated
-
Shell (Explorer.exe, msmsgs.exe) - Description changed/updated
-
smsys (Explorer.exe) - Description changed/updated
-
Socket Utility (svchostz.exe) - Hyperlink changed/updated
-
SonyPowerCfg (SPMgr.exe) - Status (U) changed and description changed/updated
-
Sustem (explorer.exe) - Description changed/updated
-
SustemUpdate (explorer.exe) - Description changed/updated
-
svchost (svchost.exe) - Description changed/updated
-
Swchost (Swhost.exe) - Command changed
-
sys_Runtt1 (explorer.exe) - Description changed/updated
-
system (Explorer.exe) - Description changed/updated
-
system (outlook.exe) - Description changed/updated
-
System Update2 (explorer.exe) - Description changed/updated
-
Systemtra (Systra.exe) - Description changed/updated
-
SystemTraySD (SDSystemTray.exe) - Status (U) changed and description changed/updated
-
SystemTraySR (SRSystemTray.exe) - Status (U) changed and description changed/updated
-
TASKMGRU (TASKMGRU.EXE) - Description changed/updated
-
Tok-Cirrhatus (smss.exe) - Description and hyperlink changed/updated
-
VFW Encoder/Decoder Settings (RUNDLL32.exe MSSIGN30.DLL ondll_reg) - Description changed/updated
-
Windows (explorer.exe) - Description changed/updated
-
Windows (services.exe) - Description changed/updated
-
Windows Explorer ([filename].exe) - Description changed/updated
-
Windows Explorer (explorer.exe) - Description changed/updated
-
Windows Explorer (Lsas.exe) - Description changed/updated
-
Windows Services (Explorer.exe) - Description changed/updated
-
Windows32 (rundll.exe) - Description changed/updated
-
Windowz Update V2.0 (Explorer.exe) - Description changed/updated
-
WinINet (services.exe) - Description changed/updated
-
Winlogon Shell (Explorer.exe [path] svchost.exe) - Description changed/updated
-
WinUPD32 (explorer.exe) - Description changed/updated
-
winupdateconn_ (Explorer.EXE) - Description changed/updated
-
WksSVC (EXPLORER.exe) - Description changed/updated
-
ZIBMACC (rundll.exe ZIBMACC.INF) - Status (U) changed
Removed
- MCUpdateExe - X - mcagent.exe
- MPFExe - X - mcagent.exe
- VirusScan Online - X - mcagent.exe
- VSOCheckTask - X - mcagent.exe