Archive for the 'Startup Type' Category
Saturday, February 14th, 2009
This is a harmful program.
Name: 6l6w8
Filename: 6l6w8.com
Command: F:\6l6w8.com
CLSID: {95aa2c26-00d9-11dd-bc71-0011675aabad}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95aa2c26-00d9-11dd-bc71-0011675aabad}]
shell\AutoRun\command - F:\6l6w8.com
shell\explore\command - F:\6l6w8.com
shell\open\command - F:\6l6w8.com
Description: component of autorun.inf trojan
How to remove: How to remove 6l6w8.com – trojan that uses autorun.inf file
Posted in autorun.inf, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: nlblkhq
Filename: nlblkhq.com
Command: E:\nlblkhq.com
CLSID: {8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}]
shell\AutoRun\command - E:\nlblkhq.com
shell\explore\command - E:\nlblkhq.com
shell\open\command - E:\nlblkhq.com
Description: component of autorun.inf trojan
How to remove: How to remove nlblkhq.com – trojan that uses autorun.inf file
Posted in autorun.inf, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: RavMon
Filename: RavMon.exe
CLSID: {6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}]
shell\AutoRun\command - RavMon.exe
Description: component of autorun.inf trojan
How to remove: How to remove trojans that use autorun.inf file
Posted in autorun.inf, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: xn1i9x
Filename: xn1i9x.com
Command: E:\xn1i9x.com
CLSID: {553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}]
shell\AutoRun\command - E:\xn1i9x.com
shell\explore\command - E:\xn1i9x.com
shell\open\command - E:\xn1i9x.com
Description: component of autorun.inf trojan
How to remove: How to remove trojans that use autorun.inf file
Posted in autorun.inf, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: adp
Filename: adp.exe
Command: E:\adp.exe
CLSID: {0ba21128-2e71-11dc-b73f-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ba21128-2e71-11dc-b73f-00c09fcd8ea0}]
shell\Auto\command - E:\adp.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe
Description: component of autorun.inf trojan
How to remove: How to remove trojans that use autorun.inf file
Posted in autorun.inf, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: wcs
Filename: wcs.exe
Command: %programfiles%\Applications\wcs.exe
Startup Type: HKLM->Policies\Explorer\Run:
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe
Description: variant of the Adware/Netproject malware
How to remove: Use HijackThis.
Posted in adware, O4, Policies\Explorer\Run
Saturday, February 14th, 2009
This is a harmful program.
Name: algg
Filename: algg.exe
Registry key: key
Command: %windir%\system32\algg.exe
Startup Type: HKCU->run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe
Description: trojan downloader
How to remove: Use HijackThis.
Posted in O4, Run, Trojan
Saturday, February 14th, 2009
This is a harmful program.
Name: VirusRL2009
Filename: VirusRL2009.exe
Command: %programfiles%\VirusRL2009\VirusRL2009.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [VirusRL2009] "C:\Program Files\VirusRL2009\VirusRL2009.exe"
Description: Virus Response Lab 2009 rogue antivirus component
How to remove: How to remove VirusResponseLab
Posted in O4, Rogue Antispyware/Antivirus, Run
Saturday, February 14th, 2009
This is a harmful program.
Name: lockx
Filename: lockx.exe
Command: %windir%\system32\lockx.exe
Startup Type: HKLM->RunServices, HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\RunServices: [strtas] lockx.exe
O4 - HKCU\..\Run: [strtas] lockx.exe
Description: W32/Sdbot-ADD worm
How to remove: Use HijackThis
Posted in O4, RunServices
Saturday, February 14th, 2009
This is a harmful program.
Name: bfgtoolbar
Filename: bfgtoolbar.dll
Command: [%PROGRAM_FILES%]\bfgtoolbar\bfgtoolbar.dll
CLSID: {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
Description: Adware OneToolBar
Notes: Big Fish Games Toolbar
How to remove: Use HijackThis.
Posted in BHO, O2