Archived from groups: microsoft.public.windowsxp.newusers (More info?) I'm running WindowsXP Pro-SP2 on a system with a new hard dri.Windows startup programs - Database search. If you're frustrated with the time it takes your Windows 8/7/Vista/XP PC to boot and then it seems to be running slowly you may have too. Page 1 of 2 - [Resolved] Help I think i have a virus - posted in Malicious Code: Viruses, Trojans, Spyware and Browser HiJacking: Hi, the only way I was able to get. Avalara's Founders Scott McFarlane, Rory Rawlings, Jared Vogt Avalara's Founders Scott McFarlane, Rory Rawlings, Jared Vogt Avalara's Founders Scott McFarl. Slt, je suis Sam et j'ai attrappé un virus de type Trojan.Agent.CS. Il s'est logé ds Windows/MsAgent/winanti.dll et je n'arrive pas à le supprimer. Pourtant Bit. FirstClass is a client/server groupware, email, online conferencing, voice/fax services, and bulletin-board system for Windows, Macintosh, and Linux. This is the original. Services are not included - see below. For further information on this and how to identify and disable. Introduction page. See here for further information on random entries - which are typically added by viruses and other. Last database update : - 2. February, 2. 01. 64. You can search for any of the following terms to find and display entries in the start- up programs database but the minimum search is 3. Search" button. Results are sorted by the Startup Item/Name field. From Windows 8 Task Manager (CTRL+SHIFT+ESC → Startup): Name, Command (Note - right- click on any column heading and ensure "Command" is ticked)From MSConfig (Start → Run → msconfig → Startup): Startup Item, Command. From Registry Editor (Start → Run → regedit): Name, Data. From Sys. Internals free Auto. Runs utility: Auto. Run Entry, Filename from "Image Path"From Windows Defender for XP/Vista (Tools → Software Explorer): Display Name, Filename. O4 entries from Hijack. This or similar logging utilities: Text highlighted here - [this text] or here - "Startup: this text. Filename. Any other text. Alternatively, you can browse the full database (without the search facility) over a number of pages or. Command/Data field, but the results may. A | B | C | D | E | F | G | H | I | J | K | L | B | N | O | P | Q | R | S | T | U | V | W | X | Y | ZNOTE: Searching for common words (i. Please click on the Search button. CStartup Item or Name. Status. Command or Data. Description. Tested(Default)Xc ofor Rin logr. Detected by Microsoft as Trojan. Spy: MSIL/Smets. gen! B and by Malwarebytes Anti- Malware as Trojan. Keylogger. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %System%No. Windows Defender. XC++. exe. Detected by Malwarebytes Anti- Malware as Trojan. Agent. Gen. The file is located in %App. Data%Noautoauto. Xc. Detected by Malwarebytes Anti- Malware as Trojan. Agent. BT. The file is located in %System% - see here. No. 0Xc. exe. Detected by Malwarebytes Anti- Malware as Trojan. Agent. DGGen. The file is located in %Common. App. Data%\Microsoft\Windows\Start Menu (8/7/Vista) or %All. Users. Profile%\Start Menu (XP)No. Windows. Update. XC. Detected by Malwarebytes Anti- Malware as Backdoor. IRCBot. Gen. The file is located in %User. Profile%\NGTMDNoc. Xc. vbs. Detected by Intel Security/Mc. Afee as RDN/Generic. Malwarebytes Anti- Malware as Trojan. Script. Note - the file is located in %User. Startup% and its presence there ensures it runs when Windows starts. No. C0. 10. 0Mon. C0. 10. 0Mon. exe. Live! Cam Console Auto Launcher for the Creative Live! Cam range of webcams. Launches the camera console when using video messaging for example? No. C0. NIMEXC0. NIME. Detected by Dr. Web as Trojan. PWS. Qqpass. 8. 52. Malwarebytes Anti- Malware as Trojan. Agent. Note the number "0" in both the name and filename. Noc. 0nime. exe. Xc. Detected by Dr. Web as Trojan. Down. Loader. 5. 3. Note the number "0" in both the name and filename. Noh. 1b. 8Xc. 20t. Detected by Kaspersky as Virus. Win. 32. Virut. ce. The file is located in %Temp%No. C2. 9. exe. XC2. 9. Added by the AGENT- UAJ TROJAN! No. C2. CMonitor. NC2. CMonitor. exe. Click to Convert from Inzone Software Limited - a PDF and HTML document converter for Windows documents. No. C2. C_Skype. exe. XC2. C_Skype. exe. Detected by Malwarebytes Anti- Malware as Trojan. Agent. Note - the file is located in %User. Startup% and its presence there ensures it runs when Windows starts. No. C2. CSkype. XC2. C_Skype. exe. Detected by Malwarebytes Anti- Malware as Backdoor. Agent. E. The file is located in %App. Data%\Microsoft. Noc. Uc. 32cs. 2. exe. Older version of Cyber. Sentinel parental control software. No. CS3. 2Uc. 32cs. Older version of Cyber. Sentinel parental control software. Noc. 7ster. 32. Xc. Detected by Dr. Web as Trojan. Down. Loader. 12. Malwarebytes Anti- Malware as Trojan. Agent. CSNo. Remote Control. UC7. XRCtl. exe. Remote control support for TV tuner cards from KWorld Multimedia/XTREME Multimedia based upon the Brooktree Bt. Conexant Fusion Bt. A PCI video decoder. No. TV Remote Control. UC7. XRCtl. exe. Remote control support for TV tuner cards from V- Stream Multimedia/Jetway/Mentor/MTEK based upon the Brooktree Bt. Conexant Fusion Bt. A PCI video decoder. No. TV Uzaktan KumandasıUC7. XRCtl. exe. Remote control support for TV tuner cards from INCA Multimedia based upon the Brooktree Bt. Conexant Fusion Bt. A PCI video decoder. Turkish. No. TV8. Remote Control. UC7. XRCtl. exe. Remote control support for TV tuner cards from V- Stream Multimedia based upon the Brooktree Bt. Conexant Fusion Bt. A PCI video decoder. No. Atheros. Md. Srv. Update. Xc. 9fiq. Detected by Malwarebytes Anti- Malware as Trojan. Banker. The file is located in %Local. App. Data%\Atheros. Noc. 9mgr. Xc. 9mgr. Detected by Kaspersky as Trojan- Downloader. Win. 32. Agent. tgzg. Noc. Xc: \archiv~1\win. Added by the CUYDOC TROJAN! No. EZ Firewall. Yca. EZ Firewall - part of the e. Trust range of security products formerly available from CA but now discontinued. Available as a stand- alone product or as part of the EZ Armor suite. No. Zone Labs Client. Yca. exe. Earlier version of EZ Firewall (based upon a rebranded version of Zone. Alarm Pro) - part of the e. Trust range of security products formerly available from CA but now discontinued. Available as a stand- alone product or as part of the EZ Armor suite. Nocaaspydelayedscan. YCAAnti. Spyware. Part of CA Anti- Spyware until 2. Runs a delayed scan on the first boot after installation before exiting. Yes. Ca. PPcl. UCAAnti. Spyware. exe. Part of CA Anti- Spyware (either as a stand- alone product or as part of a suite). Runs a scan for spyware on startup. No. Microsoft Cab Manager. Xcab. exe. Detected by Sophos as Troj/Delf- JJNocababaafcad. Xcababaafcad. exe. Detected by Sophos as Troj/Agent- AAVL and by Malwarebytes Anti- Malware as Trojan. Agent. FSENo. Micro. Update. Xcaballito. Detected by Intel Security/Mc. Afee as Generic Downloader. Malwarebytes Anti- Malware as Backdoor. Agent. DCNocabcbfdbeffbfcgfdgfdgdfg. Xcabcbfdbeffbfcgfdgfdgdfg. Detected by Intel Security/Mc. Afee as RDN/Generic PWS. Malwarebytes Anti- Malware as Trojan. Agent. RNDNo. Cabchk. XCabchk. exe. Detected by Symantec as Trojan. Gema. No. Cabchk. XCabchk. 32. exe. Detected by Symantec as Trojan. Gema. No. CABCInstall. XCABCInstall. exe. Ignite Technologies (was CABC) content delivery software. No. Internet_Speedup. XCable Accelerator. Added by the SPEEDUP- A WORM! No[1. 2 random characters]Xcabview. Ie. Driver adware variant. Nocacaoweb. Ncacaoweb. Cacaoweb is a free plugin to watch, share and host videos and files online with no limits"No. DSAcass. Xcacasp. Added by the SDBOT. AEL WORM! No. Automatic Media Update. XCACHE. RVDAdded by an unidentified WORM/TROJAN! Nodnscache. Xcache. Detected by Malwarebytes Anti- Malware as Backdoor. Agent. HKP. The file is located in %App. Data%\navigate - see here. No. HKCUXcache. 1. Detected by Malwarebytes Anti- Malware as Backdoor. HMCPol. Gen. The file is located in %App. Data%\navigate - see here. No. HKLMXcache. 1. Detected by Malwarebytes Anti- Malware as Backdoor. HMCPol. Gen. The file is located in %App. Data%\navigate - see here. Noload. Xcache. 1. Detected by Malwarebytes Anti- Malware as Backdoor. Agent. HKP. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\Current. Version\Windows "load" value data to include the file "cache. App. Data%\navigate) and also adds an illegal HKCU\Software\Microsoft\Windows NT\Current. Version\Windows "load" entry pointing to the same file, see here. No. Shell. Xcacheexpress. Detected by Malwarebytes Anti- Malware as Hijack. Shell. A. Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\Current. Version\Winlogon "Shell" entry. The value data points to "cacheexpress. User. Temp%\cacheexpress)No. Cacheman. NCacheman. Freeware disk cache tweaker from Outer Technologies. Should only be run once and not loaded at start- up. No. Cache. Mgr. YCache. Mgr. exe. Part of the Remote Update utility for older versions of Sophos antivirus products which provided an easy way for remote workers to keep up to date with their virus protection via a website or network connection provided by their employer. Runs as a service on an NT based OS (such as Windows 8/7/Vista/XP)No. Stub. Path. Xcachemgr. Detected by Microsoft as Backdoor: Win. Bifrose. IQNo. Systeme. Xcachereg. exe. Detected by Dr. Web as Trojan. Siggen. Malwarebytes Anti- Malware as Backdoor. Agent. STMGen. No. Cache. Sentry Pro. UCache. Sentry Pro. Cache. Sentry Pro by Enigmatic. Software - "is a program that takes over the management of the Internet Explorer (and AOL) web browser cache." No longer supported. No. CACStarter. Ncacstart. Cash A Check - check writing software. Nocom. codeode. cactusspamfilter. Ucactusspamfilter. Cactus Spam - free easy- to- use spam blocker. No. Cad Components. XCad Components. exe. Detected by Dr. Web as Win. HLLW. Phorpiex. 1. Malwarebytes Anti- Malware as Backdoor. Agent. DCNo. CADSUcads. Older version of Cyber. Sentinel parental control software. Nocadzagxusdef. Xcadzagxusdef. Detected by Intel Security/Mc. Afee as RDN/Generic Back. Door! rf and by Malwarebytes Anti- Malware as Trojan. Agent. USNo. Adobe CSS5. Manager. Xcaeaadbdabfedeaad. Detected by Malwarebytes Anti- Malware as Riskware. Exit. The file is located in %Local. App. Data%\{GUID}Nocaeaadbdabfedeaad. Xcaeaadbdabfedeaad. Detected by Malwarebytes Anti- Malware as Riskware. Exit. The file is located in %Local. App. Data%\{GUID}Nocaeaadbdabfedeac. Xcaeaadbdabfedeac. Detected by Malwarebytes Anti- Malware as Trojan. Winlock. The file is located in %Common. App. Data%Nocaeaadbdabfedeagfdgfdgdfg. Xcaeaadbdabfedeagfdgfdgdfg. Detected by Malwarebytes Anti- Malware as Backdoor. Bot. The file is located in %Common. App. Data%Noca. 40.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2016
Categories |