Archive for the 'HijackThis' Category

« Previous Entries
Next Entries »

VDoca582.exe is main file of Virus Doctor

Saturday, May 2nd, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: VDoca582
Filename: VDoca582.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Virus Doctor

Command: C:\Documents and Settings\All Users\Application Data\927e\VDoca582.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Virus Doctor] “C:\Documents and Settings\All Users\Application Data\927e\VDoca582.exe” /s /d

Description: main file of Virus Doctor (rogue antivirus program)

How to remove: use the instructions How to remove Virus Doctor

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

TotalVirusProtection.exe is main file of Total Virus Protection

Friday, May 1st, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: TotalVirusProtection
Filename: TotalVirusProtection.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Total Virus Protection

Command: C:\Program Files\TotalVirusProtection\TotalVirusProtection.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Total Virus Protection] C:\Program Files\TotalVirusProtection\TotalVirusProtection.exe

Description: main file of Total Virus Protection (rogue antispyware program)

How to remove: use the instructions How to remove Total Virus Protection (Delete instructions)

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

firewall.dll is a component of CoreGuard Antivirus 2009

Thursday, April 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: firewall
Filename: firewall.dll
Command: c:\program files\coreguard antivirus 2009\firewall.dll
Startup Type: Winsock LSP
HijackThis Category: O10
HijackThis Line:

O10 – Unknown file in Winsock LSP: c:\program files\coreguard antivirus 2009\firewall.dll

Description: component of CoreGuard Antivirus 2009

How to remove: use the instructions How to remove CoreGuard Antivirus 2009 (Uninstall instructions)

Posted in LSP, O10, Rogue Antispyware/Antivirus | No Comments »

Coreguard 2009.exe is main file of CoreGuard Antivirus 2009

Thursday, April 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: Coreguard 2009
Filename: Coreguard 2009.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Coreguard Antivirus 2009

Command: C:\Program Files\Coreguard Antivirus 2009\Coreguard 2009.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Coreguard Antivirus 2009] C:\Program Files\Coreguard Antivirus 2009\Coreguard 2009.exe

Description: main file of CoreGuard Antivirus 2009 (rogue antivirus/antispyware program)

How to remove: use the instructions How to remove CoreGuard Antivirus 2009 (Uninstall instructions)

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

pcam.exe is main file of PCAntiMalware

Thursday, April 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: pcam
Filename: pcam.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PCAntiMalware

Command: c:\program files\pcantimalware\pcam.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [PCAntiMalware] “c:\program files\pcantimalware\pcam.exe” /min

Description: main file of PCAntiMalware (rogue antispyware program)

How to remove: use the instructions How to remove PCAntiMalware (Uninstall Guide)

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

VShield.exe is malware, main file of Virus Shield 2009

Thursday, April 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: VShield
Filename: VShield.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Virus Shield 2009

Command: C:\Documents and Settings\All Users\Application Data\f5bc4e8\VShield.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Virus Shield 2009] “C:\Documents and Settings\All Users\Application Data\f5bc4e8\VShield.exe” /s /d

Description: main file of Virus Shield 2009 – rogue antispyware program.

How to remove: use the instructions How to remove Virus Shield 2009 (Uninstall instructions)

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

sysguard.exe is main file of Spyware Protect 2009

Tuesday, April 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: sysguard
Filename: sysguard.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | system tool

Command: C:\WINDOWS\sysguard.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe

Description: filename of main file of Spyware Protect 2009 and Antivirus System PRO. Both apps are rogue antispyware programs.

How to remove: use these Spyware Protect 2009 removal instructions or use these Antivirus System PRO removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

iehelper.dll is a trojan bho

Tuesday, April 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: iehelper
Filename: iehelper.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD42510-9B22-41cd-9DCD-8182A2D07C63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

Command: C:\WINDOWS\system32\iehelper.dll
CLSID:

{ABD42510-9B22-41cd-9DCD-8182A2D07C63}
{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: BHO – {ABD42510-9B22-41cd-9DCD-8182A2D07C63} – C:\WINDOWS\system32\iehelper.dll
O2 – BHO: BHO – {BAD4551D-9B24-42cb-9BCD-818CA2DA7B63} – C:\WINDOWS\system32\iehelper.dll

Description: trojan bho, installed with Spyware Protect 2009 and Antivirus System PRO

How to remove: use HijackThis or use these Spyware Protect 2009 removal instructions or use these Antivirus System PRO removal instructions.

Posted in BHO, O4, Rogue Antispyware/Antivirus, Trojan | No Comments »

msas2009.exe is main file MS Antispyware 2009

Tuesday, April 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: msas2009
Filename: msas2009.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | MS AntiSpyware 2009

Command: C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [MS AntiSpyware 2009] “C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe” /autorun

Description: main file MS Antispyware 2009 (rogue antispyware program)

How to remove: use the instructions How to remove MS Antispyware 2009

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

AntivirusPro2009.exe is main file Antivirus Pro 2009

Tuesday, April 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: AntivirusPro2009
Filename: AntivirusPro2009.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Antivirus Pro 2009

Command: C:\Program Files\AntivirusPro2009\AntivirusPro2009.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Antivirus Pro 2009] “C:\Program Files\AntivirusPro2009\AntivirusPro2009.exe” /hide

Description: main file Antivirus Pro 2009 (rogue antispyware program)

How to remove: use the instructions How to remove Antivirus Pro 2009

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »