Archive for the 'Startup Type' Category

« Previous Entries
Next Entries »

rwg.exe is component of Green AV

Sunday, September 20th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: rwg
Filename: rwg.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | RANDOM CHARACTERS

Command: C:\Documents and Settings\All Users\Application Data\gwr\rwg.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [RANDOM CHARACTERS] C:\Documents and Settings\All Users\Application Data\gwr\rwg.exe

Description: component of Green AV rogue antivirus program

How to remove: use these Green AV removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

WStech.dll is trojan FakeAlert, component of Green AV

Sunday, September 20th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: WStech
Filename: WStech.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}

Command: C:\Documents and Settings\All Users\Application Data\gra\WStech.dll
CLSID: {A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: WStechB – {A5DBD8CB-DF8A-4992-A655-B155216F6AFB} – C:\Documents and Settings\All Users\Application Data\gra\WStech.dll

Description: trojan FakeAlert that installed by Green AV rogue antispyware program

How to remove: use these Green AV removal instructions

Posted in BHO, O2, Rogue Antispyware/Antivirus, Trojan | No Comments »

What is TrustWarrior.exe, how to remove TrustWarrior.exe

Thursday, September 17th, 2009

TrustWarrior.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: TrustWarrior
Filename: TrustWarrior.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | TrustWarrior

Command: C:\Program Files\TrustWarrior Software\TrustWarrior\TrustWarrior.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [TrustWarrior] C:\Program Files\TrustWarrior Software\TrustWarrior\TrustWarrior.exe -min

Description: main component of TrustWarrior rogue antispyware software that detects false scan results and displays fake security alerts as a method of scaring you into buying the software.

How to remove: use these TrustWarrior removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

WIa5bc.exe – Windows PC Defender

Thursday, September 17th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: WIa5bc
Filename: WIa5bc.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Windows PC Defender

Command: C:\Documents and Settings\All Users\Application Data\a5bc4e8\WIa5bc.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Windows PC Defender] “C:\Documents and Settings\All Users\Application Data\a5bc4e8\WIa5bc.exe” /s /d

Description: WIa5bc.exe is a component of Windows PC Defender rogue antispyware program.

How to remove: use these Windows PC Defender removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is _ex-08.exe, How to remove _ex-08.exe

Monday, September 14th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: _ex-08
Filename: _ex-08.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PromoReg

Command: C:\WINDOWS\Temp\_ex-08.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [PromoReg] C:\WINDOWS\Temp\_ex-08.exe

Description: Trojan.Agent

How to remove: use MalwareBytes Anti-malware.

Posted in O4, Run, Trojan | 4 Comments »

What is SoftSafeness.exe, How to remove SoftSafeness.exe

Monday, September 14th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SoftSafeness
Filename: SoftSafeness.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftSafeness

Command: C:\Program Files\SoftSafeness Software\SoftSafeness\SoftSafeness.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SoftSafeness] C:\Program Files\SoftSafeness Software\SoftSafeness\SoftSafeness.exe -min

Description: main component of SoftSafeness rogue antispyware program.

How to remove: use these SoftSafeness removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SafetyKeeper.exe, How to remove SafetyKeeper.exe

Thursday, September 10th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SafetyKeeper
Filename: SafetyKeeper.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SafetyKeeper

Command: :\Program Files\SafetyKeeper Software\SafetyKeeper\SafetyKeeper.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SafetyKeeper] C:\Program Files\SafetyKeeper Software\SafetyKeeper\SafetyKeeper.exe -min

Description: SafetyKeeper.exe is main component of SafetyKeeper rogue antispyware program.

How to remove: use these SafetyKeeper removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SaveKeeper.exe, How to remove SaveKeeper.exe

Wednesday, September 9th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveKeeper
Filename: SaveKeeper.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SaveKeeper

Command: C:\Program Files\SaveKeeper Software\SaveKeeper\SaveKeeper.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SaveKeeper] C:\Program Files\SaveKeeper Software\SaveKeeper\SaveKeeper.exe -min

Description: main component of SaveKeeper (rogue antispyware program)

How to remove: use these SaveKeeper removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is q1pdsdjx.exe, How to remove q1pdsdjx.exe

Wednesday, September 9th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: q1pdsdjx
Filename: q1pdsdjx.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | q1pdsdjx.exe

Command: C:\WINDOWS\system32\q1pdsdjx.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [q1pdsdjx.exe] C:\WINDOWS\system32\q1pdsdjx.exe

Description: component of SaveKeeper that shows fake Windows Security Center.
Notes:

How to remove: use these SaveKeeper removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is personalguard.exe, How to remove personalguard.exe

Tuesday, September 8th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: personalguard
Filename: personalguard.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | personalguard

Command: C:\Program Files\Personal Guard 2009\personalguard.exe
Startup Type:HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [personalguard] C:\Program Files\Personal Guard 2009\personalguard.exe

Description: added by Personal Guard 2009 rogue antispyware program.

How to remove: use these Personal Guard 2009 removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »