This is an undesirable program.This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.
If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
| Name: | Java Sun Scheduler |
| Filename: | jusched.exe |
| Command: | C:\Windows\jusched.exe |
| Description: |
Added by the W32/Sdbot-CQC worm and IRC backdoor.
W32/Sdbot-CQC spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), WKS (MS03-049) (CAN-2003-0812), PNP (MS05-039) and ASN.1 (MS04-007). The worm may also spread via network shares and MSSQL servers protected by weak passwords. |
| File Location: | %WinDir% |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | JUSCHED |
| Service Display Name: | Java Sun Scheduler |
| HijackThis Category: | O23 Entry |
| Note: | %Windir% refers to the Windows installation folder. By default, this is C:\Windows for Windows 95/98/ME/XP/Vista/7 or C:\Winnt for Windows NT/2000. |
| Removal Instructions: | How to remove a Trojan, Virus, Worm, or other Malware |
| Name: | ISUSPM Startup |
| Filename: | ISUSPM.exe |
| Command: | C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup |
| Description: |
InstallShield Update Service Scheduler.
Automatically searches for and performs any updates to the software so
you’re always working with the most current version
|
| File Location: | C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Name: | Windows Defender |
| Filename: | MSASCui.exe |
| Command: | "C:\Program Files\Windows Defender\MSASCui.exe" -hide |
| Description: |
Microsoft's Windows Defender Antispyware program.
|
| File Location: | C:\Program Files\Windows Defender\MSASCui.exe |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Name: | SkyTel |
| Filename: | SkyTel.exe |
| Command: | SkyTel.exe |
| Description: |
Program related to the Realtek Voice Manager used by some of their audio chipsets.
|
| File Location: | %System% |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Note: | %System% is a variable that refers to the Windows System folder. By default this is C:\Windows\System for Windows 95/98/ME, C:\Winnt\System32 for Windows NT/2000, or C:\Windows\System32 for Windows XP/Vista/7. |
| Name: | Logitech Hardware Abstraction Layer |
| Filename: | Khalmnpr.exe |
| Command: | Khalmnpr.exe |
| Description: |
Logitech Bluetooth mouse Hardware
Abstraction layer. A "hardware abstraction layer" is an interface that
enables adding support for new devices and new ways of connecting
devices to the computer, without modifying every application that uses
the device. "This process is Logitech's mouse sensitivity monitor. When
you enable Logitech's own sensitivity management, this process is
required. This will allow you to change sensitivity on a per program
level using their profile manager inside SetPoint."
|
| File Location: | C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Name: | IP |
| Filename: | IP.EXE |
| Command: | Unknown at this time. |
| Description: |
Added by a WORM, W32/Agobot-QO.
|
| File Location: | Unknown |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Removal Instructions: | How to remove a Trojan, Virus, Worm, or other Malware |
| Name: | Intel® PROSet/Wireless Service |
| Filename: | S24EvMon.exe |
| Command: | C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe |
| Description: |
Event Monitor - supports driver extensions to NIC Driver for wireless adapters. Is it required?
|
| File Location: | C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | S24EventMonitor |
| Service Display Name: | Intel® PROSet/Wireless Service |
| HijackThis Category: | O23 Entry |
| Name: | DSBrokerService |
| Filename: | brkrsvc.exe |
| Command: | C:\Program Files\DellSupport\brkrsvc.exe |
| Description: |
Related to Dell computers.
|
| File Location: | C:\Program Files\DellSupport\brkrsvc.exe |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | DSBrokerService |
| Service Display Name: | DSBrokerService |
| HijackThis Category: | O23 Entry |
| Name: | ttool |
| Filename: | 9129837.exe |
| Command: | C:\Windows\9129837.exe |
| Description: |
Added by the Troj/DwnLdr-FSA downloader Trojan.
|
| File Location: | %WinDir% |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Note: | %Windir% refers to the Windows installation folder. By default, this is C:\Windows for Windows 95/98/ME/XP/Vista/7 or C:\Winnt for Windows NT/2000. |
| Removal Instructions: | How to remove a Trojan, Virus, Worm, or other Malware |
| Name: | DSBrokerService |
| Filename: | brkrsvc.exe |
| Command: | C:\Program Files\DellSupport\brkrsvc.exe |
| Description: |
Related to Dell computers.
|
| File Location: | C:\Program Files\DellSupport\brkrsvc.exe |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | DSBrokerService |
| Service Display Name: | DSBrokerService |
| HijackThis Category: | O23 Entry |
| Name: | MSAdmin |
| Filename: | jdbgmrg.exe |
| Command: | Unknown at this time. |
| Description: | |
| File Location: | Unknown |
| Startup Type: | Currently being identified. |
| Removal Instructions: | How to remove a Trojan, Virus, Worm, or other Malware |
| Name: | swg |
| Filename: | GoogleToolbarNotifier.exe |
| Command: | C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe |
| Description: |
Added by the Google ToolBar for Internet Explorer.
This program will notify you when you attempt to change the Internet
Explorer search engine to something other than Google and asks if you
would like to allow the change. This program, when run, will also
connect to Google's servers and check for new updates to to the Google
Notifier.
Even if you disable the Notification option using the instructions below, it will still load at startup. To remove this, you can actually delete the file, which we do not recommend, or disable the setting in the Toolbar settings and then removing the autorun entry. If you do not enable/disable that setting again the autorun entry will not come back. Readme.txt file found in the GoogleToolbarNotifier directory states: "GoogleToolbarNotifier is a companion to the Google Toolbar. This executable is necessary to enable the Search Settings Notifier feature of the Toolbar. This feature lets you keep Google as your default search engine and prevents this setting (and others as we add new features) from being changed without your consent. To enable or disable this feature, please click the "Settings" button on your Toolbar and choose "Options." In the "More" section, check or un-check the box next to "Set and keep Search settings to Google." As long as this feature remains enabled, GoogleToolbarNotifier.exe will run silently in the background." The path to this file will change based on the version of the Notifer. |
| File Location: | C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe |
| Startup Type: | This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. |
| HijackThis Category: | O4 Entry |
| Name: | NECMFK |
| Filename: | necmfk.exe |
| Command: | Unknown at this time. |
| Description: |
NEC wireless keyboard driver
|
| File Location: | Unknown |
| Startup Type: | Currently being identified. |
| Name: | sptd |
| Filename: | sptd.sys |
| Command: | System32\Drivers\sptd.sys |
| Description: |
Driver used by the CD Rom emulation program, Daemon Tools Version 4. There have been some reports of problems with this driver.
|
| File Location: | %System%\Drivers\sptd.sys |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | sptd |
| Service Display Name: | sptd |
| HijackThis Category: | O23 Entry |
| Note: | %System% is a variable that refers to the Windows System folder. By default this is C:\Windows\System for Windows 95/98/ME, C:\Winnt\System32 for Windows NT/2000, or C:\Windows\System32 for Windows XP/Vista/7. |
| Name: | DSBrokerService |
| Filename: | brkrsvc.exe |
| Command: | C:\Program Files\DellSupport\brkrsvc.exe |
| Description: |
Related to Dell computers.
|
| File Location: | C:\Program Files\DellSupport\brkrsvc.exe |
| Startup Type: | This startup entry is installed as a Windows service. |
| Service Name: | DSBrokerService |
| Service Display Name: | DSBrokerService |
| HijackThis Category: | O23 Entry |
0 comments:
Post a Comment