Search Results
(displaying 82 results)
(displaying 82 results)
Name | Filename | Description | Status |
MsWerr | ctfmon.dll | Added by the W32.Virut.CF VIRUT! Note: Located in \%WINDIR%\%System%\ | X |
Windows Live Messenger 8.12 | ctfmon.exe | Added by a W32/LiPark-A WORM! Note: Located in \%User%\ Note: Do not remove the legitimate program file in \%WINDIR%\%System%\ Note: The worm spread by copying itself into shared folders used by common Peer to Peer (P2P) filesharing applications. | X |
ctfmon | ctfmon.exe | Added by the Worm.Win32.AutoRun.ctz Note: Located in \%WINDIR%\ Note: Do not remove the legitimate ctfmon.exe file which is always found in \%WINDIR%\%System%\ | X |
SetUp | ctfmon.exe | Added by the Trojan.Win32.Pasta.fuw Note: Located in \%Program Files%\Windows NT\ | X |
ctfmon | ctfmon.exe | Added by the Troj/SDBot-06 Trojan! which allows a remote user to access and control the computer via IRC channels. Note: Located in \%WINDIR%\ Note: Do not confuse with the MS Office file of the same name as described here | X |
Firewall | ctfmon.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\ Note: Use SDFix under supervision. Not to be confused by the original file in \%WINDIR%\%SYSTEM%\ folder. | X |
ctfnnon | ctfmon.exe | Identified as a variant of the Backdoor.Win32.Turkojan.ake malware. Note: located in \%WINDIR%\ Note: Use SDFix under supervision. Note: Please notethat C:\Windows\System32\ctfmon.exe is legitimate and should not be deleted. | X |
ctfmon.exe | ctfmon.exe | Added by the Trojan.Satiloler.D TROJAN! Note: Located in \%WINDIR%\System\ Note: do not confuse with the MS Office file of the same name as described here Note: Read the link, rootkit type stealth involved. | X |
CTFMON.EXE | ctfmon.exe | Added by the Troj/Bckdr-QF TROJAN! Note: Located in \%WINDIR%\System\ Note: Do not confuse with the MS Office file of the same name as described here Note: Read the link, rootkit type stealth involved. | X |
ctfmon.exe | ctfmon.exe | CTFMon is involved with the language/alternative input services in Office XP. CTFMON.exe will continue to put itself back into MSConfig when you run the Office XP apps as long as the Text Services and Speech applets in the Control Panel are enabled. Not required if you don't need these features. For more info on ctfmon See_Here ;en-us;282599 . CTFMON can be disabled from Control Panel, Text & Speech Services. Note: The file will always be located in the \%WINDIR%\System32\ folder. Note: If it is located elsewhere, it will likely be a worm or trojan! | U |
CTFMon | ctfmon.exe | Added by the Family Kelogger program. Found at hxxp://www.spyarsenal.com/familykeylogger/ (DO NOT GO THERE). The program lets you record to a special file and then view all the keystrokes typed by everyone using your computer. Note: Remember if you did not put this on your computer then someone else did! Note: This Keylogging file is located in \%WINDIR%\%System%\CTF\ | X |
ctfmon | ctfmon.exe | Adware responsible for tenmonkey.com popups Note: Located in \%WINDIR%\ Note: do not confuse with the MS Office file of the same name as described here | X |
ctfmon.exe | ctfmon.exe eminem.exe | Added by the BHARAT.A WORM! Note: Located in \%WINDIR%\System32\ Note: do not confuse with the MS Office file of the same name as described here Note: Read the link. | X |
hack1x2 | C:\WINDOWS\system32:hlpnod32.exe | A variant of the Backdoor.Bifrose Note: Located in \%WINDIR%\system32:hlpnod32.exe Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows\System32 folder. Do not delete the C:\Windows\System32 folder as Windows will not operate correctly without it. To delete the Alternate Data Stream you should read this tutorial. Note: Use SDFix under supervision. | X |
CTFMON | wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg | Added by the W32/Autorun-ALB ADWARE! Note: Located in \%WINDIR%\%System%\ Note: Spreads via removable media. | X |
WinShowUpdate | copy C:\WINDOWS\winshow.new C:\WINDOWS\winshow.dll | Winshow parasiate related - from the "RunOnce" keys it replaces "winshow.dll" with a new version | X |
Winsock2 driver | SYSTEM32.EXE | Added by the W32/Spybot-EG WORM! | X |
system32 | system32.exe | Added by the Troj/Bancban-JD TROJAN! Note: The executable is system32.exe located in the C:\Windows (95/95/ME/XP) or C:\WINNT (NT/2000) directory-- this is not the system32 folder! | X |
system32.exe | system32.exe | Added by the Backdoor.Graybird.P TROJAN! Note: This worm/trojan file is found in the Windows or Winnt folder. | X |
SystemSAS | System32.exe | Added by the KWBOT.C VIRUS! | X |
Win32 | system32.vbs | Added by the VBS.SWERUN VIRUS! | X |
screw | system32.exe | Identified by Sophos as Worm W32/VB-DWN Note: Located in \%WINDIR%\ | X |
Windows Explorer | system32.exe | Added by the W32/Rbot-AJH WORM! | X |
Torrent Management Service | system32.exe | Added by a variant of the IRCBOT TROJAN! See here | X |
Windows System32 Kernel | system32.exe | Added by the W32/SDBOT-AAT WORM! | X |
Winsock32 driver | system32.exe | Troj/IRCBot-VT Note: Read the link, allows remote access | X |
Windows-System | System32.exe | Added by the LOGPOLE.C VIRUS! | X |
System32 | System32.exe | Added by the MARI, SYSXXX and other VIRUSES! | X |
System Support | system32.exe | Added by the W32/RBOT-AHA WORM! | X |
Sygate Personal Firewall | system32.exe | Added by the RBOT.VI WORM! | X |
DriverPath | system32.exe | Added by the Troj/Prorat-S TROJAN! Note: This trojan file is found in the Windows or Winnt folder. | X |
ioroxxo microsoft sux | system32.exe | Added by a variant of the Rbot family of worms and IRC backdoor Trojans. Note: Located in \%WINDIR%\System32\ | X |
Microsofot x386 System Monitor | system32.exe | WORM_WOOTBOT.M | X |
ruin | system32.exe | Added by the TROJ/DELF-JM TROJAN! | X |
Microsoft Update | system32.exe | Added by an unidentified TROJAN! of the Sdbot family. Note: This worm\trojan is located in C:\Windows\System (Win9x/Me), C:\%WINDIR%\System32 (XP/WinNT/2K) | X |
System32 | system32,1.exe | worm or trojan, as yet unidentified | X |
msn | system32.exe | Added by the KITRO.A VIRUS! | X |
svchosts | system32:svchosts.exe | Identified as a variant of the Trojan.Win32.VB.dqk Note: Located in \%WINDIR%\System32\ Note: ADS infection [note]Use SDFix under supervision. | X |
Poison.Ivy | system32:Poison Ivy.exe | A variant of the Backdoor.Win32.Poison.cpb Backdoor:W32/PoisonIvy is a family of backdoors that give a remote user extensive access to an infected computer. Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows\system32 folder. Do not delete the C:\Windows\system32 folder as Windows will not operate correctly without it. Note: Use SDFix under supervision. | X |
xp v7.exe | system32:winxp7.exe | Added by the Backdoor:Win32/Poisonivy.H Note: Located in \%WINDIR%\%System%\ Note: This is an ADS - Alternate Data Streams DO NOT REMOVE the %System%\ folder. | X |
svehost | system32:svehost.exe | Identified as a Backdoor:Win32/Poison.M by Microsoft. Note: This is an alternate data streams. Note: Located in \%WINDIR%\%System%\ | X |
svchost | system32:svchost.exe | Identified as a variant of the Backdoor.Win32.Poison malware. This infection is a Alternate Data Stream file which requires certain tools to remove. Get help from a malware removal forum. Note: Use SDFix under supervision. | X |
Windows Services | windows.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\ Note: Use SDFix under supervision. | X |
windowspis | windows.exe | Added by the Trojan-Downloader.Win32.Genome.akll Note: Located in \%WINDIR%\%System%\ | X |
WRMVan | Windows.exe | Added by the W32/AutoRun-BGD WORM! Note: Located in \%Program Files%\ Note: Spreads via removable media. | X |
Microsoft IT Update | windows.exe | Added by the W32/Rbot-JM WORM! Note: Located in \%WINDIR%\System32\ | X |
WINDOWS SYSTEM | windows.exe | Added by the Worm:Win32/Gaobot] Note: Located in \%WINDIR%\%System%\ Note: The Hosts file may have been modified. | X |
Application | windows.exe | Added by the Trojan/Python.a Note: Located in \%Root%\Users\Public\Documents\ | X |
Windows Security Service | windows.pif | Added by the W32/Rbot-AMG WORM! Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
Windows Update | windows.exe | Added by the W32/RBOT-RB WORM! Note: Located in \%WINDIR%\System32\ | X |
InternetExplorer2 | windows.exe | Added by the W32/Sdbot-CZP WORM! Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
Microsoft Windows Updata | windows.exe | Added by an unidentified TROJAN! of the Sdbot family. Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
NDIS Adapter | windows.exe | Added by the W32/FORBOT-BR WORM! Note: Located in \%WINDIR%\System32\ | X |
Rundll32 | Windows.exe | Added by the Trojan.PWS.QQPass.E VIRUS! Note: Located in \%Program Files%\ | X |
Start | windows.vbs | Homepage hijacker | X |
WIN | windows.exe | Added by the W32.Reatle.C@mm WORM! Note: Located in \%WINDIR%\System32\ | X |
Windows | Windows.exe | Added by the KAZMOR, BOBBINS& ALADINZ.D VIRUSES! | X |
WINDOWS | \windows.exe | Added by the Troj/Monbot-A TROJAN! Note: Located in \%WINDIR%\System32\ | X |
Windows Load | windows.com | Note: ?? | ? |
Windows mod Verifier | Windows-mod.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
Windows modez Verifier | Windows-.exe | Added by the W32/Rbot-DIO WORM! Note: Located in \%WINDIR%\System32 Note: Use SDFix under supervision. | X |
Windows Clean-Up Pro | WINDOWS CLEAN-UP PRO.Exe | WINDOWS CLEAN-UP PRO Rogue anti-spyware program. | X |
WINDOWS HOST | Windows Host.exe | Added by the Windows Host.exe Malware. Note: Located in \%ProgramData%\Windows Host\ | X |
Docker for Windows | Docker for Windows.exe | Related to Docker Inc aN integrated container security for legacy and cloud-native applications. Note: Located in \%Program Files%\Docker\Docker\ | U |
Explorer | Windows Explorer.exe | Added by the W32/SillyFDC-I WORM! Note: This trojan is located in C:\%WINDIR%\ Note: copies itself to: (User)\Documents\Top Pictures.exe and (User)\My Documents\New Folder.exe. May also copy itself to drives A: and B:. | X |
Windows XP SP2 KeyGen | Windows XP SP2 KeyGen.exe | Added by the W32/Tibick-C WORM! Note: Located in \%WINDIR%\MSVIEW\ | X |
Microsoft Windows | Microsoft Windows.hta | HTA file which creates an executable on the hard drive which subsequently proceeds to download files from a malware site! | X |
Internet Explorer | WINDOWS.crypted.exe | Added by the Backdoor.Win32.Poison.pg Note: Located in \%ROOT%\ | X |
LiveUpdate | [Windows username]05.exe | Added by the LINEAGE TROJAN! | X |
Windows spyware remover | Windows-spyware.exe | Added by a variant of the IRCBOT Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
Windows 32 Update | Windows-Update.exe | Added by a variant of the Win32/Rbot Note: Located in \%WINDIR%\System32\ | X |
Windows Anti Verifier | Windows-Anti.exe | Added by the Win32/Rbot.ETT WORM! Note: Located in \%WINDIR%\System32\ | X |
iseeu.exe | WINDOWS:iseeu.exe | A variant of the Backdoor:W32/PoisonIvy Backdoor:W32/PoisonIvy is a family of backdoors that give a remote user extensive access to an infected computer. Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows folder. Do not delete the C:\Windows\ folder as Windows will not operate correctly without it. Note: Use SDFix under supervision. | X |
Windows Service Agent | Windows Service Agent | Added by the Net-Worm.Win32.Kolab.fqg TROJAN! Note: Located in \%WINDIR%\%System%\ | X |
Windows Genuine Check | Windows Genuine Check.exe | Added by a variant of the RBot Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. | X |
DocFetcher-Daemon | docfetcher-daemon-windows.exe | Related to DocFetcher, an Open sourve program. It allows you to search the contents of files on your computer.. Note: Located in \%Program Files%\DocFetcher\ | U |
Windows host service | Windows host service.exe | Added by the Windows host service Tojan Miner or BitCoin Miner. Note: Located in \%AppData%\Roaming\scwcknzrjf\ | X |
Windows Updates Service | Windows Updates Service.vbe | Added by the Windows Updates Service Virus.vbs.qexvmc.1. Note: Located in \%AppData%\Roaming\Windows Updates Files\ | X |
system34 | Windows External Security Update.exe | Detected as IM-Worm.Win32.VB.ev. WORM! Note: Located in \%WINDIR%\SoftwareProtection\ | X |
WinUpdate | :Microsoft Office Update for Windows XP.sys | Identified by Sophos as VBS/AutoRun-UC Note: Located in \%WINDIR%\ | X |
BootRacer | BootRacer measures your Windows boot timebootrace.exe | Related to Greatis Software BootRacer measures your Windows boot time. Note: Located in \%Program Files%\BootRacer measures your Windows boot time. | N |
MMSystem | "%\Windows%\rundll32.exe "%System%\mmsystem.dll"", RunDll32" | Added by a FUNNER.A worm infection | X |