Search Results
(displaying 69 results)
(displaying 69 results)
| Name | Filename | Description | Status |
| hack1x2 | C:\WINDOWS\system32:hlpnod32.exe | A variant of the Backdoor.Bifrose Note: Located in \%WINDIR%\system32:hlpnod32.exe Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows\System32 folder. Do not delete the C:\Windows\System32 folder as Windows will not operate correctly without it. To delete the Alternate Data Stream you should read this tutorial. Note: Use SDFix under supervision. | X |
| CTFMON | wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg | Added by the W32/Autorun-ALB ADWARE! Note: Located in \%WINDIR%\%System%\ Note: Spreads via removable media. | X |
| WinShowUpdate | copy C:\WINDOWS\winshow.new C:\WINDOWS\winshow.dll | Winshow parasiate related - from the "RunOnce" keys it replaces "winshow.dll" with a new version | X |
| System32 | System32.exe | Added by the MARI, SYSXXX and other VIRUSES! | X |
| DriverPath | system32.exe | Added by the Troj/Prorat-S TROJAN! Note: This trojan file is found in the Windows or Winnt folder. | X |
| System32 | system32,1.exe | worm or trojan, as yet unidentified | X |
| system32 | system32.exe | Added by the Troj/Bancban-JD TROJAN! Note: The executable is system32.exe located in the C:\Windows (95/95/ME/XP) or C:\WINNT (NT/2000) directory-- this is not the system32 folder! | X |
| system32.exe | system32.exe | Added by the Backdoor.Graybird.P TROJAN! Note: This worm/trojan file is found in the Windows or Winnt folder. | X |
| SystemSAS | System32.exe | Added by the KWBOT.C VIRUS! | X |
| Win32 | system32.vbs | Added by the VBS.SWERUN VIRUS! | X |
| Windows Explorer | system32.exe | Added by the W32/Rbot-AJH WORM! | X |
| Windows System32 Kernel | system32.exe | Added by the W32/SDBOT-AAT WORM! | X |
| Windows-System | System32.exe | Added by the LOGPOLE.C VIRUS! | X |
| Winsock2 driver | SYSTEM32.EXE | Added by the W32/Spybot-EG WORM! | X |
| Winsock32 driver | system32.exe | Troj/IRCBot-VT Note: Read the link, allows remote access | X |
| Torrent Management Service | system32.exe | Added by a variant of the IRCBOT TROJAN! See here | X |
| screw | system32.exe | Identified by Sophos as Worm W32/VB-DWN Note: Located in \%WINDIR%\ | X |
| Sygate Personal Firewall | system32.exe | Added by the RBOT.VI WORM! | X |
| msn | system32.exe | Added by the KITRO.A VIRUS! | X |
| System Support | system32.exe | Added by the W32/RBOT-AHA WORM! | X |
| Microsoft Update | system32.exe | Added by an unidentified TROJAN! of the Sdbot family. Note: This worm\trojan is located in C:\Windows\System (Win9x/Me), C:\%WINDIR%\System32 (XP/WinNT/2K) | X |
| Microsofot x386 System Monitor | system32.exe | WORM_WOOTBOT.M | X |
| ioroxxo microsoft sux | system32.exe | Added by a variant of the Rbot family of worms and IRC backdoor Trojans. Note: Located in \%WINDIR%\System32\ | X |
| ruin | system32.exe | Added by the TROJ/DELF-JM TROJAN! | X |
| svchosts | system32:svchosts.exe | Identified as a variant of the Trojan.Win32.VB.dqk Note: Located in \%WINDIR%\System32\ Note: ADS infection [note]Use SDFix under supervision. | X |
| svehost | system32:svehost.exe | Identified as a Backdoor:Win32/Poison.M by Microsoft. Note: This is an alternate data streams. Note: Located in \%WINDIR%\%System%\ | X |
| Poison.Ivy | system32:Poison Ivy.exe | A variant of the Backdoor.Win32.Poison.cpb Backdoor:W32/PoisonIvy is a family of backdoors that give a remote user extensive access to an infected computer. Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows\system32 folder. Do not delete the C:\Windows\system32 folder as Windows will not operate correctly without it. Note: Use SDFix under supervision. | X |
| xp v7.exe | system32:winxp7.exe | Added by the Backdoor:Win32/Poisonivy.H Note: Located in \%WINDIR%\%System%\ Note: This is an ADS - Alternate Data Streams DO NOT REMOVE the %System%\ folder. | X |
| svchost | system32:svchost.exe | Identified as a variant of the Backdoor.Win32.Poison malware. This infection is a Alternate Data Stream file which requires certain tools to remove. Get help from a malware removal forum. Note: Use SDFix under supervision. | X |
| Windows Services | windows.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\ Note: Use SDFix under supervision. | X |
| InternetExplorer2 | windows.exe | Added by the W32/Sdbot-CZP WORM! Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
| Microsoft IT Update | windows.exe | Added by the W32/Rbot-JM WORM! Note: Located in \%WINDIR%\System32\ | X |
| WINDOWS SYSTEM | windows.exe | Added by the Worm:Win32/Gaobot] Note: Located in \%WINDIR%\%System%\ Note: The Hosts file may have been modified. | X |
| Microsoft Windows Updata | windows.exe | Added by an unidentified TROJAN! of the Sdbot family. Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
| Windows Update | windows.exe | Added by the W32/RBOT-RB WORM! Note: Located in \%WINDIR%\System32\ | X |
| windowspis | windows.exe | Added by the Trojan-Downloader.Win32.Genome.akll Note: Located in \%WINDIR%\%System%\ | X |
| Windows Security Service | windows.pif | Added by the W32/Rbot-AMG WORM! Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
| Windows modez Verifier | Windows-.exe | Added by the W32/Rbot-DIO WORM! Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
| Windows mod Verifier | Windows-mod.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
| Windows Load | windows.com | Note: ?? | ? |
| NDIS Adapter | windows.exe | Added by the W32/FORBOT-BR WORM! Note: Located in \%WINDIR%\System32\ | X |
| WRMVan | Windows.exe | Added by the W32/AutoRun-BGD WORM! Note: Located in \%Program Files%\ Note: Spreads via removable media. | X |
| Application | windows.exe | Added by the Trojan/Python.a Note: Located in \%Root%\Users\Public\Documents\ | X |
| WINDOWS | \windows.exe | Added by the Troj/Monbot-A TROJAN! Note: Located in \%WINDIR%\System32\ | X |
| Windows | Windows.exe | Added by the KAZMOR, BOBBINS& ALADINZ.D VIRUSES! | X |
| WIN | windows.exe | Added by the W32.Reatle.C@mm WORM! Note: Located in \%WINDIR%\System32\ | X |
| Rundll32 | Windows.exe | Added by the Trojan.PWS.QQPass.E VIRUS! Note: Located in \%Program Files%\ | X |
| Start | windows.vbs | Homepage hijacker | X |
| Docker for Windows | Docker for Windows.exe | Related to Docker Inc aN integrated container security for legacy and cloud-native applications. Note: Located in \%Program Files%\Docker\Docker\ | U |
| WINDOWS HOST | Windows Host.exe | Added by the Windows Host.exe Malware. Note: Located in \%ProgramData%\Windows Host\ | X |
| Internet Explorer | WINDOWS.crypted.exe | Added by the Backdoor.Win32.Poison.pg Note: Located in \%ROOT%\ | X |
| Explorer | Windows Explorer.exe | Added by the W32/SillyFDC-I WORM! Note: This trojan is located in C:\%WINDIR%\ Note: copies itself to: (User)\Documents\Top Pictures.exe and (User)\My Documents\New Folder.exe. May also copy itself to drives A: and B:. | X |
| iseeu.exe | WINDOWS:iseeu.exe | A variant of the Backdoor:W32/PoisonIvy Backdoor:W32/PoisonIvy is a family of backdoors that give a remote user extensive access to an infected computer. Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows folder. Do not delete the C:\Windows\ folder as Windows will not operate correctly without it. Note: Use SDFix under supervision. | X |
| LiveUpdate | [Windows username]05.exe | Added by the LINEAGE TROJAN! | X |
| Windows XP SP2 KeyGen | Windows XP SP2 KeyGen.exe | Added by the W32/Tibick-C WORM! Note: Located in \%WINDIR%\MSVIEW\ | X |
| Windows spyware remover | Windows-spyware.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
| Windows Clean-Up Pro | WINDOWS CLEAN-UP PRO.Exe | WINDOWS CLEAN-UP PRO Rogue anti-spyware program. | X |
| Windows Anti Verifier | Windows-Anti.exe | Added by the Win32/Rbot.ETT WORM! Note: Located in \%WINDIR%\System32\ | X |
| Windows 32 Update | Windows-Update.exe | Added by a variant of the Win32/Rbot Note: Located in \%WINDIR%\System32\ | X |
| Microsoft Windows | Microsoft Windows.hta | HTA file which creates an executable on the hard drive which subsequently proceeds to download files from a malware site! | X |
| Windows Genuine Check | Windows Genuine Check.exe | Added by a variant of the RBot Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
| Windows Updates Service | Windows Updates Service.vbe | Added by the Windows Updates Service Virus.vbs.qexvmc.1. Note: Located in \%AppData%\Roaming\Windows Updates Files\ | X |
| Windows Service Agent | Windows Service Agent | Added by the Net-Worm.Win32.Kolab.fqg TROJAN! Note: Located in \%WINDIR%\%System%\ | X |
| DocFetcher-Daemon | docfetcher-daemon-windows.exe | Related to DocFetcher, an Open sourve program. It allows you to search the contents of files on your computer.. Note: Located in \%Program Files%\DocFetcher\ | U |
| Windows host service | Windows host service.exe | Added by the Windows host service Tojan Miner or BitCoin Miner. Note: Located in \%AppData%\Roaming\scwcknzrjf\ | X |
| WinUpdate | :Microsoft Office Update for Windows XP.sys | Identified by Sophos as VBS/AutoRun-UC Note: Located in \%WINDIR%\ | X |
| system34 | Windows External Security Update.exe | Detected as IM-Worm.Win32.VB.ev. WORM! Note: Located in \%WINDIR%\SoftwareProtection\ | X |
| BootRacer | BootRacer measures your Windows boot timebootrace.exe | Related to Greatis Software BootRacer measures your Windows boot time. Note: Located in \%Program Files%\BootRacer measures your Windows boot time. | N |
| MMSystem | "%\Windows%\rundll32.exe "%System%\mmsystem.dll"", RunDll32" | Added by a FUNNER.A worm infection | X |