Archive for the 'Startup Type' Category
Monday, January 26th, 2009
This is an harmful program.
Name: systemguard
Filename: systemguard.exe
Command: C:\Program Files\System Guard 2009\systemguard.exe
Startup Type: registry run key
HijackThis Category: O4
Description: main file of System Guard 2009
How to remove: How to remove System Guard 2009 (Delete instructions)
Posted in O4, Run | No Comments »
Monday, January 19th, 2009
This is an harmful program.
Name: AntivirusXP
Filename: AntivirusXP.exe
Command: C:\Program Files\AntivirusXP\AntivirusXP.exe
Startup Type:HKCU->Run
HijackThis Category:O4
HijackThis log line: O4 – HKCU\..\Run: [AntivirusXP.exe] C:\Program Files\AntivirusXP\AntivirusXP.exe
Description: component of Antivirus XP Pro rogue antispyware
How to remove: How to remove Antivirus XP Pro
Posted in O4, Run | No Comments »
Monday, January 19th, 2009
This is an harmful program.
Name: takqx
Filename: takqx.exe
Command: c:\windows\system32\takqx.exe
Startup Type: driver
RSIT/Combofix log line: S4 takqx;takqx;c:\windows\system32\takqx.exe [2009-01-15 20480]
Description: unknown trojan
Posted in Driver, Trojan | No Comments »
Monday, January 19th, 2009
This is an harmful program.
Name: jtgk
Filename: jtgk.exe
Command: c:\windows\system32\jtgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jtgk;jtgk;c:\windows\system32\jtgk.exe [2009-01-1 24576]
Description: unknown trojan
Posted in Driver, Trojan | No Comments »
Monday, January 19th, 2009
This is an harmful program.
Name: jlgk
Filename: jlgk.exe
Command: c:\windows\system32\jlgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jlgk;jlgk;c:\windows\system32\jlgk.exe [2009-01-1 24576]
Description: unknown trojan
Posted in Driver, Trojan | No Comments »
Sunday, January 18th, 2009
This is an harmful program.
Name: sic32
Filename: sic32.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce5b3fc5-8964-11dc-8106-d519e4d51f80}\shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce5b3fc5-8964-11dc-8106-d519e4d51f80}\shell\open\command
Command: F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sic32.exe
CLSID {ce5b3fc5-8964-11dc-8106-d519e4d51f80}
Startup Type: autorun.inf
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Sunday, January 18th, 2009
This is an harmful program.
Name: oufddh
Filename: oufddh.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\explore\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\open\command
Command: F:\oufddh.exe
CLSID {bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}
Startup Type: autorun.inf
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Sunday, January 18th, 2009
This is an harmful program.
Name: MicrSoft
Filename: MicrSoft.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}\shell\Explore\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}\shell\Open\command
Command: c:\MicrSoft.exe
CLSID {9b12973a-ba55-11dd-8480-00e04c5add14}
Startup Type: autorun.inf
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Sunday, January 18th, 2009
This is an harmful program.
Name: ise
Filename: ise.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a8a5363-802a-11dd-83b5-b358442cdd6a}\shell\AutoRun\command
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a8a5363-802a-11dd-83b5-b358442cdd6a}\shell\open\command
Description: autorun.inf trojan component
Startup Type: autorun.inf
Command: c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
CLSID: {9a8a5363-802a-11dd-83b5-b358442cdd6a}
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Sunday, January 18th, 2009
This is an harmful program.
Name: nideiect
Filename: nideiect.com
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91f4a4f4-a12d-11dd-8410-00e04c5add14}\shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91f4a4f4-a12d-11dd-8410-00e04c5add14}\shell\explore\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91f4a4f4-a12d-11dd-8410-00e04c5add14}\shell\open\command
Startup Type: autorun.inf
Command: G:\nideiect.com
CLSID: {91f4a4f4-a12d-11dd-8410-00e04c5add14}
Description: autorun.inf trojan component
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
