O20 HijackThis Entries

bleepingcomputer.com

Welcome Guest (Log In | Create Account)

New Member? Join for free.

BleepingComputer.com -> Startup Programs Database -> O20 HijackThis Entries

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other

HJT: F0, F1, F2, F3 · O4 · O20 · O21 · O22 · O23

Rootkit List · Submit a Startup · Top Submitters

Startup Index · Newest Entries · Mozilla Search Tools · WebMaster Site Tools · Status Key
Startup Database Forum · How to use the Startup Database

Enter the filename or keyword you would like to search for:

Advanced Search

Pages: (6) 1 2 [3] 4 5 ... Last »

Name	Filename	Status	Description
winbjv32	winbjv32.dll	X	A variant of the Trojan.Win32.Agent.qt Trojan.
winbug32	winbug32.dll	X	A variant of the Trojan.Win32.Agent.qt Trojan.
AwayNotify	AwayNotify.dll	Y	Related to the AwayManager program. The Away Manager program is an autonomic feature that utilizes the unused computing power on your system to perform a variety of maintenance tasks.
mav-8551	idsAX.dll	?	Added by the Nike JogaTV service that allows you to send soccer videos to other people.
xdudtt	xdudtt.dll	X	A variant of the HaxDoor Trojan.
<not used>	rsvp322.dll	X	Added by the Troj/Riler-AA Trojan.
<not used>	perfc000.dat	X	Malware related to and installed with the rogue anti-spyware program called WinAntiSpyware 2006 or WinAntiSpyware 2007.
<not used>	perfsm.dat	X	Malware related to and installed with the rogue anti-spyware program called WinAntiSpyware 2006 or WinAntiSpyware 2007.
wsmsge	wsmsge.dll	X	A variant of the Goldun Trojan. This infection utilizes the mswsaf.sys rootkit to hide itself.
<not used>	r3hook.dll	Y	Related to Kaspersky Antivirus.
smcss	smcss.dll	X	Added by the Troj/SCLog-AJ Trojan Spyware.
iexplorer	iexplorer.dll	X	Added by the Troj/SCLog-AI Spyware Trojan.
bpk	bpk.dll	X	Added by the Troj/SCLog-AK Spyware Trojan.
msmsgs	msmsgs.dll	X	Added by the Troj/SCLog-AL Spyware Trojan.
HackMuFpt	HackMuFpt.dll	X	Added by the Troj/SCLog-AG spyware Trojan.
mnsvcsp	mnsvcsp.dll	X	Added by the Troj/SCLog-A Trojan.
A3dxq	a3dx8.dll	X	Added by the Troj/Xorpix-Z proxy Trojan.
botreg	bot.dll	X	Identified as the Trojan-Proxy.Win32.Xorpix.bc Trojan.
atixdbxx	atixdbxx.dll	X	A variant of the Goldun/Haxdoor Trojan.
<not used>	NTDLL32.dll	X	Unidentified malware.
<not used>	aclekern.dll	X	Identified as the I-Worm.Warezov.fh worm.
<not used>	perfc000.dat	X	Added by the Trojan.Perfcoo Trojan.
atixdaxx	atixdaxx.dll	X	A variant of the Goldun Trojan. This infection utilizes the atixdbxx.sys rootkit to hide itself.
crypta	cryptsa.dll	X	Identified as the Trojan-Downloader.Win32.Agent.btd Trojan.
mms400	mms400.dll	X	Added by the Troj/Conhook-AF Trojan.
<not used>	mprmdpnm.dll	X	Added by the W32/Stration-AP worm.
<not used>	trafracp.dll	X	Added by the W32.Stration.IZ@mm worm. W32.Stration.IZ@mm is a worm that spreads by emailing itself to other computers. It also drops and downloads other variants in the W32.Stration@mm family of worms.
atiddaxx	atiddaxx.dll	X	Added by a variant of the Haxdoor Trojan. This infection also uses the atiddbxx.sys rootkit to hide itself.
linkerreg	linker.dll	X	Identified as Trojan-Proxy.Win32.Xorpix.ar.
dpl1npwm	dpl1npwm.dll	X	Added by the W32/Stration-NZ worm.
wudb	wudb.dll	X	Identified as Trojan.Downloader.Agent.BFO.
gdowxp	gdowxp.dll	X	A variant of the Troj/Haxdor-Fam Trojan. This infection utilizes the gdow2k.sys rootkit to hide itself.
gatwxkey	gatwxkey.dll	X	A variant of the Troj/Haxdor-Fam Trojan.
vxtnav	vxtnav.dll	X	A variant of the Troj/Haxdor-Fam Trojan. This infection utilizes the ramvxt.sys rootkit to hide itself.
waxw2k	waxw2k.dll	X	A variant of the Troj/Haxdor-Fam Trojan.
winprint	winprint.dll	X	A variant of the Troj/Haxdor-Fam Trojan. This infection utilizes the eps32sys.sys rootkit to hide itself.
OneCard	AsWlnPkg.dll	Y	Security authentication software from Cognizance Corporation.
linksrv0	linksrv0.dll	X	A variant of the Troj/Haxdor-Fam Trojan. This infection utilizes the linksrvd.sys rootkit to hide itself.
wsmsag	wsmsag.dll	X	A variant of the Troj/Haxdor-Fam Trojan. This infection utilizes the mswsaf.sys and the mswsag.sys rootkits to hide itself.
drtw3a	drtw3a.dll	X	Added by the Troj/Haxdoor-DO Trojan. This infection utilizes the NvVid.sys and drtw6a.sys rootkits to hide itself.
<not used>	htmlythyt.dll	X	Added by the Troj/Goldun-FS Trojan.
<not used>	hmlscr.dll	X	Added by the Troj/Bckdr-QIB backdoor Trojan.
<not used>	jpgstat.dll	X	Added by the W32/Stration-AN mass-mailing worm.
<not used>	confjpg.dll	X	Added by the W32/Stration-AN mass-mailing worm.
rainit	RAinit.dll	Y	Associated with Remotely Anywhere.
LOGDFI	LOGDFI.dll	X	Added by the Troj/BHO-BM Trojan.
winzoa32	winzoa32.dll	X	Identified as a Virtumonde related file.
igfxcui	igfxsrvc.dll	Y	Installed with video drivers for video cards that use Intel chipsets.
BITS	admpasr.dll	X	Added by the Troj/QQ-A spyware Trojan.
EFS	sclgntfy.dll	Y	Related to the Microsoft Service called Secondary Login Service Notification.
dimsntfy	dimsntfy.dll	Y	Microsoft file related to credential roaming. Found in Windows 2003 and Windows XP SP3.
PCANotify	PCANotify.dll	Y	Related to Symantec PcAnywhere.
!SASWinLogon	SASWINLO.dll	Y	Related to the SuperAntiSpyware anti-spyware program.
p4reg	p432.dll	X	Unknown malware.
termserv	odbcct32.dll	X	Added by the Troj/Agent-ENG Trojan.
<not used>	trkwvga2.dll	X	Added by the WORM_WAREZOV.AP worm. This memory-resident worm may arrive on a system via Skype, the instant messaging application that uses Voice over Internet Protocol (VoIP).
<not used>	oebdfc.dll	X	Added by the WORM_STRATION.EV worm.
xpspqdvd	xpspqdvd.dll	X	Identified by Kaspersky Antivirus as Email-Worm.Win32.Warezov.lk.
qhdtvv	qhdtvv.dll	X	Added by the Troj/Goldun-FI Trojan. This infection utilizes the ssipod1.sys rootkit to hide itself.
WgaLogon	WgaLogon.dll	Y	This file is a legitimate Windows oeprating system file. It used as part of Windows Genuine Advantage and alerts when you are using an unvalidated Microsoft product.
rlx51dom	rlx51dom.dll	X	Added by the Troj/Haxdor-Fam. This infection utilizes the rlx66dob.sys rootkit to hide itself.
wmstream32	wmstream32.dll	X	Added by the Troj/PWS-AHX password-stealing Trojan.
mljkhhh	mljkhhh.dll	X	Added by the Troj/Virtum-AH Trojan.
qomjkih	qomjkih.dll	X	Added by the Troj/Virtum-V Trojan.
<not used>	nv4_icm3.dll	X	Added by the W32/Stration@MM mass-mailing worm.
flballoon	flwzx.dll	X	Added by the Troj/Agent-ECK Trojan.
msupdate	soemuav.dll	X	Added by the Troj/Dloadr-ASQ Trojan.
<not used>	kernel32.sys	X	Added by the W32/SillyFDC-N worm. W32/SillyFDC-N spreads through removeable storage devices, including floppy drives and USB keys. The worm attempts to create a hidden file Autorun.inf on the removeable drive and copy itself to the removeable drive with the filename autorun.exe
mi5035a0	mi5035a0.dll	X	A variant of the Troj/Haxdor backdoor Trojan. This infection utilizes the mi5035a5.sys rootkit to hide itself.
xmm13g	xmm13g.dll	X	Added by the Troj/Haxdoor-DM backdoor Trojan. This infection utilizes the mmx19g.sys rootkit to hide itself.
eetvpn	eetvpn.dll	X	Added by the Troj/Haxdoor-DL trojan. This infection utilizes the eexvpn.sys rootkit to hide itself.
utgrbe	utgrbe.dll	X	Added by the Troj/Haxdoor-DJ backdoor Trojan. This infection is hidden by the ufgrbe.sys rootkit.
<not used>	audstat.dll	X	Added by the W32/Stration-CJ worm.
<not used>	confaud.dll	X	Added by the W32/Stration-CJ worm.
wartamll	wartamll.dll	X	Added by a variant of the Haxdoor Trojan family. This infection utilizes the wartamd.sys rootkit to hide itself.
rpcc	rpcc.dll	X	Added by the Troj/Spabot-O spamming Trojan. This infection should not be confused with the legitimate C:\Windows\System32\rpcss.dll file.
<not used>	ldcore.dll	X	Added by the Troj/Dloadr-AQG Trojan.
brwmgr	brwmgr32.dll	X	Added by the W32/Stration-CD mass-mailing worm.
<not used>	vnetsmme.dll	X	Added by the WORM_STRAT.GT worm.
msnsxole	msnsxole.dll	X	Added by the WORM_STRAT.GT worm.
winool32	winool32.dll	X	Added by the Troj/Nebuler-N Trojan.
xcttgs	xcttgs.dll	X	Added by a variant of the Haxdoor Trojan family. This infection utilizes the xcttgm.sys rootkit to hide itself.
winluj32	winluj32.dll	X	Added by the Troj/Nebuler-L Trojan.
<not used>	brwstat.dll	X	Added by the W32/Stratio-BN worm.
<not used>	confbrw.dll	X	Added by the W32/Stratio-BN worm.
rege2usb	rege2usb.dll	X	Added by a variant of the Goldun.Fam Trojan. This infection utilizes the regepsrvc.sys rootkit to stealth itself.
<not used>	icmpdx3j.dll	X	Added by the WORM_STRAT.EQ mass-mailing worm. C:\Windows\System32\E1.dll should also be deleted as it is part of this infection.
<not used>	icmpdx3j.dll	X	Added by the W32/Stratio-BG worm. E1.dll should be removed as well.
jgsdrpcn	jgsdrpcn.dll	X	Added by the W32/Stratio-BH worm.
slbcmqad	slbcmqad.dll	X	Added by the W32/Stratio-BP worm.
audmgr	audmgr32.dll	X	Added by the W32/Stratio-BW worm.
avldr	avldr.dll	Y	Part of Panda Antivirus.
attmgr	attmgr32.dll	X	Added by the W32/Stratio-BX worm.
psbamtxe	psbamtxe.dll	X	Added by the W32/Stratio-BT worm.
<not used>	w3sskbda.dll	X	Added by the W32/Stration-AG worm.
prtsks	prtsks.dll	X	Added by a variant of the Goldun.Fam Trojan. This infection also utilizes the prt21sks.sys rootkit to hide itself.
satad640	satad640.dll	X	Added by a variant of the Goldun.Fam Trojan. This infection also utilizes the satad645.sys rootkit to hide itself.
xkeyshl	xkeyshll.dll	X	New Goldun Trojan variant.
arprmdg0	arprmdg0.dll	X	Added by the Troj/Haxdoor-DI trojan. This infection utilizes the arprmdg5.sys rootkit to hide itself.
winsys2freg	winsys2freg.dll	X	Added by the Troj/Xorpix-X proxy Trojan.

Pages: (6) 1 2 [3] 4 5 ... Last »

Disclaimer

It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. BleepingComputer.com will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.