Archive for the 'HijackThis' Category
Sunday, March 1st, 2009
This is an harmful program.
Name: angpd
Filename: angpd.exe
Command: C:\Program Files\Common Files\System\mgnc\angpd.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [62964419826679261] C:\Program Files\Common Files\System\mgnc\angpd.exe
Description: component of ANG AntiVirus 09
How to remove: use the instructions How to remove ANG AntiVirus 09 (Delete instructions) or use HijackThis.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: WiniGuard
Filename: WiniGuard.exe
Command: c:\program files\winiguard software\winiguard\WiniGuard.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [WiniGuard] “c:\program files\winiguard software\winiguard\WiniGuard.exe” -min
Description: main component of WiniGuard (rogue antispyware)
How to remove: use these instructions How to remove WiniGuard (Delete instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: baloon
Filename: baloon.exe
Command: c:\windows\system32\baloon.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [c:\windows\system32\baloon.exe] c:\windows\system32\baloon.exe
Description: trojan FakeAlert (Found with WiniGuard)
How to remove: use these instructions How to remove WiniGuard or Use HijackThis
Posted in O4, Run, Trojan | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: cfrog
Filename: cfrog.exe
Command: c:\windows\system32\cfrog.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [c:\windows\system32\cfrog.exe] c:\windows\system32\cfrog.exe
Description: component of WiniGuard
How to remove: Use HijackThis
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: promo
Filename: promo.exe
Command: c:\windows\system32\promo.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [promo.exe] c:\windows\system32\promo.exe
Description: trojan (found with WiniGuard)
How to remove: How to remove WiniGuard (Delete instructions) or Use HijackThis.
Posted in O4, Run, Trojan | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
Name: xivop
Filename: xivop.exe
Command: C:\WINDOWS\xivop.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [xivop] C:\WINDOWS\xivop.exe
Description: component of unknown malware
How to remove: Use HijackThis
Posted in Malware, O4, Run | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
Name: qwbqgkxr
Filename: qwbqgkxr.exe
Command: C:\WINDOWS\qwbqgkxr.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [MaG78PfJs] C:\WINDOWS\qwbqgkxr.exe
Description: component of unknown malware
How to remove: Use HijackThis
Posted in Malware, O4, Run | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
CLSID: {69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 – BHO: (no name) – {69135BDE-5FDC-4B61-98AA-82AD2091BCCC} – (no file)
Combofix/RSIT Line:
Description: part of SPYW_IMISERV.C, looks here
How to remove: Use HijackThis
Posted in BHO, Malware, O2 | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
Name: wcpfvd
Filename: wcpfvd.dll
Startup Type: AppInit DLLs
HijackThis Category: O20
HijackThis Line:
O20 – AppInit_DLLs: wcpfvd.dll
Description: component of a trojan
How to remove: Use HijackThis
Posted in AppInit DLLs, O20, Trojan | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
Name: ntdll64
Filename: ntdll64.dll
Command: c:\windows\temp\ntdll64.dll
Startup Type: LSP
HijackThis Category: O10
HijackThis Line:
O10 – Unknown file in Winsock LSP: c:\windows\temp\ntdll64.dll
Description: Trojan
How to remove: How to use LSP Fix to repair Winsock 2 settings
Posted in LSP, O10, Trojan | No Comments »
