Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > malware problems & news
Reload this Page What is TacOnlyOne?
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old August 10th, 2008, 12:39 PM
Escalader's Avatar
Escalader Escalader is offline
Massive Poster
  
Join Date: Dec 2005
Location: Land of the Mooses
Posts: 3,636
Default What is TacOnlyOne?
When I ran CCleaner version 618 with the registry scan feature this AM I got the following:

Unused File Extension TacOnlyOne - HKCR\TacOnlyOne

This has occurred several days in a row so it regenerates it self.

SAS and Nod 32 report nothing.

Has anybody here got a clue as to what this is?
__________________
Escalader
i7 8 GB RAM Notebook, 1TB External Drive
Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File
IE 9 Hardened Active X,SmartScreen,Tracking Protection
Paragon Backup and Imaging
  #2  
Old August 10th, 2008, 12:46 PM
emperordarius emperordarius is offline
Very Frequent Poster
  
Join Date: Apr 2008
Location: Who cares
Posts: 1,218
Default Re: What is TacOnlyOne?
Quote:
Originally Posted by Escalader
When I ran CCleaner version 618 with the registry scan feature this AM I got the following:

Unused File Extension TacOnlyOne - HKCR\TacOnlyOne

This has occurred several days in a row so it regenerates it self.

SAS and Nod 32 report nothing.

Has anybody here got a clue as to what this is?

A google search reveals that it could be a rogue.

See if there are the following processes and if yes terminate them:


MWLauncher.exe
Install1.exe

Find and delete these files:

MWLauncher.exe
Install1.exe


Search for and Remove the following MalWarrior registry keys:
HKEY_CLASSES_ROOT\TacOnlyOne\MalWarrior
HKEY_CURRENT_USER\Software\Adsl Software Limited\MalWarrior 2007
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TacOnlyOne\MalWarrior
  #3  
Old August 10th, 2008, 01:31 PM
Escalader's Avatar
Escalader Escalader is offline
Massive Poster
  
Join Date: Dec 2005
Location: Land of the Mooses
Posts: 3,636
Default Re: What is TacOnlyOne?
Quote:
Originally Posted by emperordarius
A google search reveals that it could be a rogue.

See if there are the following processes and if yes terminate them:


MWLauncher.exe
Install1.exe

Find and delete these files:

MWLauncher.exe
Install1.exe


Search for and Remove the following MalWarrior registry keys:
HKEY_CLASSES_ROOT\TacOnlyOne\MalWarrior
HKEY_CURRENT_USER\Software\Adsl Software Limited\MalWarrior 2007
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TacOnlyOne\MalWarrior


Thank you. I have searched for the exe's mentioned and they are not on my set up.

A search with jv16 PowerTools 2008 for these keys and programs shows they are NOT present.

I do have Lavasoft's digital lock SW and the registry search showed the entry relates to that SW. Lava must be using their encryption software.

I will run full Nod32 and SAS scans to be "sure".
__________________
Escalader
i7 8 GB RAM Notebook, 1TB External Drive
Sandboxie, Nod32, OP FW Pro, KeyScrambler, MVPS HOSTS File
IE 9 Hardened Active X,SmartScreen,Tracking Protection
Paragon Backup and Imaging
  #4  
Old August 11th, 2008, 02:44 AM
stapp's Avatar
stapp stapp is offline
Very Frequent Poster
  
Join Date: Jan 2006
Location: England
Posts: 2,241
Default Re: What is TacOnlyOne?
Also have a read here

http://www.donationcoder.com/Forums/...?topic=12805.0

it's a registry entry used so that a program knows it should only run
one copy of itself at a time, thus the name.

Hope that applies in your case and not any other reason.
 

Wilders Security Forums > Other Security Topics > malware problems & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 08:12 AM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums