Name Filename Status Description
Easy Protect NT Driver _epnt.sys X Added by the Spyware.Ezurl spyware.
MEAOI Service _meaoi.exe X Added by the W32/Tilebot-AM worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. This infection also creates a Rootkit file in order to hide itself called %System%meaoi.sys.
sqlsrvd _sqlexec.exe X Possible new variant of W32.Spybot.NLX. This infection has root kit capabilities so it is possible you have further files that can not be seen.
MS SQL Server Moniter _sqlsrvd.exe X Possible new variant of W32.Spybot.NLX. This infection has root kit capabilities so it is possible you have further files that can not be seen.
Microsoft Inet Service _svchost.exe X Added by the Troj/Dwnldr-GYS Trojan. This infection should not be confused with the legitimate C:\Windows\System32\svchost.exe file.
Microsoft P2P Service _svchost.exe X Identified as a variant of the Troj/Dwnldr-GYS variant malware.
Microsoft I Service _svchost.exe X Identified as a variant of the Troj/Dwnldr-GYS malware.
Microsoft P2P2 Service _svchost.exe X Identified as a variant of the Troj/Dwnldr-GYS variant malware.
Microsoft PS Service _svchost.exe X Identified as a variant of the TrojanDownloader:Win32/Tipikit.A malware.
Gray_Pigeon .exe X Added by the Troj/GrayBrd-EH backdoor Trojan. This infection also creates the file c:\windows\temp\8e4ds4.dll.
Virtual Memory Protector (Random Name).exe X Identified as as variant of the Win32:Agent-XKO/Backdoor.Hamweq.B malware.
Physical Memory Protector (Random Name).exe X Identified as a variant of the Trojan-Downloader.Win32.Agent malware.
Virtual Memory Dispatcher (RandomName).exe X Identified as a variant of the Win32:Agent-XKO/Backdoor.Hamweq.B malware.
Remote Procedure Call (RPC) Activator [Currently unknown] X Added by the Troj/Fiserv-A backdoor Trojan.
MicroSoft Media Services [RANDOM 8 CHARACTER].sys X Added by the virus. W32.Mediasups is a virus that spreads by infecting executable files, may download files and communicate with a remote server.
NetDDEipx [Random file name].exe X Added by the Trojan.Netdepix Trojan.
eProxy [random] X Added as a new service by the Troj/Daemoni-AL TROJAN, using a displayname of Microsoft Security Subsystem Provider.
Network Devices Controller [unknown filename] X Added by the Backdoor.Alnica backdoor. Listens on port 6667 awaiting a remote connection.
Activating the notepad common used library [unknown] X Added by W32/Codbot-G, a WORM/backdoor.
Network Client Monitor [unknown] X Added by the Trojan.Boxed.B Trojan.
Search Startups

Login

Remember Me
Sign in anonymously