Greatis Startup Application Database - Dangerous - B

Windows Startup Programs database

Startup Programs - Dangerous - B

Home
Features
   On-line Guide
   Help On-line
   Screenshots
Order
Download
Localization
Awards
Support
NI Forum
Mickey Forum
Greatis Forum

Startup Programs
Application Database

Hot!
Download:
RegRun 4.0 beta 2
What's new?

The Application Database suggests you which Windows startup programs are usefual and which are bad.
The recommended tool for quickly removing the useless programs is RegRun Startup Optimizer.
www.startupapps.com

Purchase RegRun Suite

Download RegRun Suite

RegRun > Greatis Startup Application Database > Dangerous > B

baby.exe
backage 3.2 se.exe
backageclient.exe
backageserver.exe
backageserver2.exe
backdoor.exe
backwebserv.exe
bad.exe
bad_day.exe
badass.exe
barok.exe
bbeagle.exe
bboy.exe
bcyuh.exe
bedienks 2.exe
beigllbe.exe
beil.exe
belt.exe
betaclientc.exe
bf evolution.exe
bg10.exe
bhfqx.exe
billgt.exe
billpie.exe
binder.exe
bintouue.exe
bionet.exe
bla(client).exe
bla501trojan.exe
blaaaaa.exe
blaclient.exe
blaclient2.exe
blade.exe
blakharaz.exe
blakharazclient.exe
blakharazserver.exe
blazer5.exe
bleem!.exe
blonde.exe
bmb2.exe
bmclient.exe
bmgpad.exe
bo2k.exe
bo2k_1_0_full.exe
bo2k_1_0_intl.exe
bo2kcfg.exe
bo2kgui.exe
bobo.exe
boclient.exe
boconfig.exe
bogui.exe
boomerang.exe
bootexec.exe
boserve.exe
boss.exe
brains~1.exe
brainspy .exe
brainspy.exe
brmado.exe
btr50setup.exe
btrcfg.exe
bubbel.exe
buddylist.exe
bug.exe
bugs.exe
bug´s.exe
builder.exe
bwskfa.exe

Worm / Mail trojan
Uses several different names to name the attachement, which can be mailed by either Netscape Mail, MS Outlook or MSOutlook Express.

backage 3.2 se.exe

Remote Access
Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation.

backageclient.exe

Remote Access
Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation.

backageserver.exe

Remote Access
Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation.

backageserver2.exe

Remote Access
Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation.

backdoor.exe

Remote Access / ICQ trojan

backwebserv.exe

Remote Access / Trojan dropper
Fake program. Installs Deep Throat 2 server.

Remote Access
The main golaf for this trojan is so sabotage the work for the person infected by the trojan server and MooSoft sees Ini-Killer as a destructive trojan.

bad_day.exe

Remote Access / Steals passwords
Alters Win.ini (v 2.0).

Worm / Prank Trojan / Mail trojan

Steals passwords
Win-Bugsfix.exe was the name Onel de Guzman used when we wrote LoveLetter. When the mail had been executed Barock was supposed to be downloaded and run on the vitim´s computer.

bbeagle.exe

I-Worm.Bagle.
The worm is activated only when a user clicks on the attached file. Then the worm copies itself to the System directory under the name "bbeagle.exe" and registers this file in the system registry auto-run key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"d3dupdate.exe" = "%system%\bbeagle.exe"
The worm runs the Windows application "calc.exe".
Remove it using RegRun Startup Optimizer.

Worm / Mail trojan
Uses several different names to name the attachement, which can be mailed by either Netscape Mail, MS Outlook or MSOutlook Express.

Remote Access
May alter System.ini and/or Win.ini. One can choose to let Mosucker randomly decide what autostart method to use. Produces an error message while installing ""Could not find setuplog.bat"" which apparently is used for autostarting. It copies itself to $temp first, as a file named pkg*.exe, ""pkg"" being a fix string. It also copied itself to $windows/unin0686.exe.

bedienks 2.exe

beigllbe.exe

Works on Windows 95, 98 and ME.

Dangerous virus.
ill it by RegRun Start Control.
Check your hard disk by antiviral software.

Transponder Gang Spyware.
It's added by Offer Optimizer:
http://www.offeroptimizer.com/
Suggest to remove Belt.exe, Susp.exe, Suspemd.exe from startup.
Read more:
http://webhelper.netfirms.com/transponde...

betaclientc.exe

Remote Access / FTP server / CQ trojan
InCommand can bind (join or wrap) its server to any other .exe file, and can also add extra legth to it to avoid searches on specific file length. It uses selfinstalling plug-ins to add features to the trojan and can thousands of icons stored inside the EditServer file.

bf evolution.exe

Remote Access / AOL trojan

Steals passwords / Remote Access
Steals all cached passwords.

Remote Access
May alter System.ini and/or Win.ini. One can choose to let Mosucker randomly decide what autostart method to use. Produces an error message while installing ""Could not find setuplog.bat"" which apparently is used for autostarting. It copies itself to $temp first, as a file named pkg*.exe, ""pkg"" being a fix string. It also copied itself to $windows/unin0686.exe.

Worm / File virus
Alters Win.ini. "Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head." (Sophos)

billpie.exe

Remote Access / Trojan dropper
Disguised as a game. Installs NetBus server 1.53 while you play.

bintouue.exe

Steals passwords / ICQ trojan
Displays a Firework and simultanlously starts in the backround. Sends the passwords encrypted via e-mail

Remote Access / Keylogger / Steals passwords / ICQ trojan / AOL trojan / DoS tool
It alters Wininit.ini and replaces explorer.exe with explorer.e. It may also infect Awadrp32.exe, Mkcompat.exe and Rnaap.exe. You usually notice your infected because you no longer can reboot or shutdown the computer as the trojan will not shutdown. BioNet also makes it impossible to reboot to DOS mode to delete the trojan. It evaids antivirus and firewall programs. Every server sent out is possible to be unique with combinations of more than 50 different features using the server builder. Using CGI scripts the trojan can do almost anything. Because of this may manual removal instruction not be totally reliable. The server is distributed in an uncompressed version, to allow anyone to use a compressor is his choice. Using a scheduler, the hacker can activate the server to make contact on a certain a specific day. BioNet is able to attack other servers using a large numbers IGMP packets using all available bandwidth. From v3.09 it supports plug-ins from other coders.

bla(client).exe

Remote Access / Steals passwords
The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software.

bla501trojan.exe

Remote Access / Steals passwords
The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software.

blaaaaa.exe

Remote Access / Steals passwords
The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software.

blaclient.exe

Remote Access / Steals passwords
The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software.

blaclient2.exe

Remote Access / Steals passwords
The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software.

blakharaz.exe

blakharazclient.exe

blakharazserver.exe

blazer5.exe

IRC trojan / Flooder / Remote Access
"IRC Specific/Script Dropper" (MooSoft)

Remote Access / Keylogger
Alters Win.ini. Is been disguised as a Y2K system updater.

Destructive trojan / Distributed DoS Tool

bmclient.exe

Remote Access
May alter System.ini and/or Win.ini. One can choose to let Mosucker randomly decide what autostart method to use. Produces an error message while installing ""Could not find setuplog.bat"" which apparently is used for autostarting. It copies itself to $temp first, as a file named pkg*.exe, ""pkg"" being a fix string. It also copied itself to $windows/unin0686.exe.

Remote Access
Runs as a hidden service. Uses encryption.

bo2k_1_0_full.exe

Remote Access
Runs as a hidden service. Uses encryption.

bo2k_1_0_intl.exe

Remote Access
Runs as a hidden service. Uses encryption.

bo2kcfg.exe

Remote Access
Runs as a hidden service. Uses encryption.

bo2kgui.exe

Remote Access
Runs as a hidden service. Uses encryption.

boclient.exe

boconfig.exe

boomerang.exe

This is an Adware.180Search
It monitors the contents of Web browser windows.
It opens the Web pages of partner sites when it sees certain keywords in search or shopping site windows.
Monitors for the existence of the rest of the adware.
This component can repair the adware if it is partially removed.

Adds the value: "MSBB"=[Path to adware file "Boomerang.exe"]
to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Please, remove this value with RegRun Startup Optimizer.

bootexec.exe

Remote Access / Novell NetWare trojan
Donald Dick looks like Donald Duck as a fat and smoking decadent Soviet Spetsnaz soldier.

boserve.exe

Worm / Mail trojan
Uses several different names to name the attachement, which can be mailed by either Netscape Mail, MS Outlook or MSOutlook Express.

brains~1.exe

Remote Access
Aside from normal Remote Access fetures, the trojan also removes all virusscan files.

brainspy .exe

BrainSpy trojan

brainspy.exe

Remote Access
Aside from normal Remote Access fetures, the trojan also removes all virusscan files.

Remote Access
May alter System.ini and/or Win.ini. One can choose to let Mosucker randomly decide what autostart method to use. Produces an error message while installing ""Could not find setuplog.bat"" which apparently is used for autostarting. It copies itself to $temp first, as a file named pkg*.exe, ""pkg"" being a fix string. It also copied itself to $windows/unin0686.exe.

btr50setup.exe

Steals passwords / EXE Binder
Uses a Configuration Wizzard to specify the details. Uses the ASPack 2000 compression utility.

Steals passwords / EXE Binder
Uses a Configuration Wizzard to specify the details. Uses the ASPack 2000 compression utility.

buddylist.exe

Steals passwords / AOL trojan
Alters Win.ini and System.ini. Steals passwords from AOL accounts and sends them one of several hotmail addresses.

Remote Access
Disguised as a TCP/IP booster.

builder.exe

Remote Access / Keylogger / Steals passwords / ICQ trojan / AOL trojan / DoS tool
It alters Wininit.ini and replaces explorer.exe with explorer.e. It may also infect Awadrp32.exe, Mkcompat.exe and Rnaap.exe. You usually notice your infected because you no longer can reboot or shutdown the computer as the trojan will not shutdown. BioNet also makes it impossible to reboot to DOS mode to delete the trojan. It evaids antivirus and firewall programs. Every server sent out is possible to be unique with combinations of more than 50 different features using the server builder. Using CGI scripts the trojan can do almost anything. Because of this may manual removal instruction not be totally reliable. The server is distributed in an uncompressed version, to allow anyone to use a compressor is his choice. Using a scheduler, the hacker can activate the server to make contact on a certain a specific day. BioNet is able to attack other servers using a large numbers IGMP packets using all available bandwidth. From v3.09 it supports plug-ins from other coders.

Remote Access
May alter System.ini and/or Win.ini. One can choose to let Mosucker randomly decide what autostart method to use. Produces an error message while installing ""Could not find setuplog.bat"" which apparently is used for autostarting. It copies itself to $temp first, as a file named pkg*.exe, ""pkg"" being a fix string. It also copied itself to $windows/unin0686.exe.

Copyright © 1998-2004 Greatis Software | Privacy Policy | Recommend to a friend