Archive for the 'Service' Category

svchasts.exe is a component of Windows Police Pro

Monday, August 31st, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: svchasts
Filename: svchasts.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\antippro2009_100

Command: C:\WINDOWS\svchasts.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: AntipPro2009_100 (AntipyProex) – Unknown owner – C:\WINDOWS\svchasts.exe

Combofix/RSIT Line:

R2 AntipPro2009_100;AntipyProex; C:\WINDOWS\svchasts.exe [2009-08-31 163840]

Description: component of Windows Police Pro (rogue antispyware program)

How to remove: use these Windows Police Pro removal instructions.

BlockDefenseSvc.exe is component of BlockDefense

Friday, August 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: BlockDefenseSvc
Filename: BlockDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\blockdefensesvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\blockdefensesvc

Command: C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: BlockDefense Security Service (BlockDefenseSvc) – Unknown owner – C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe

Description: component of BlockDefense (rogue antispyware program)

How to remove: use these BlockDefense removal instructions.

SaveDefenseSvc.exe is component of SaveDefense

Thursday, August 27th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveDefenseSvc
Filename: SaveDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaveDefenseSvc

Command: C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SaveDefense Security Service (SaveDefenseSvc) – Unknown owner – C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe

Description: component of SaveDefense (rogue antispyware program)

How to remove: use these SaveDefense removal instructions.

TrustNinjaSvc.exe is component of TrustNinja

Thursday, August 27th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: TrustNinjaSvc
Filename: TrustNinjaSvc.exe
Command: C:\Program Files\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: TrustNinja Security Service (TrustNinjaSvc) – Unknown owner – C:\Program Files\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe

Description: component of TrustNinja (rogue antispyware program)

How to remove: use these TrustNinja removal instructions.

SaveSoldierSvc.exe is a component of SaveSoldier

Tuesday, August 25th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveSoldierSvc
Filename: SaveSoldierSvc.exe
Command: C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldierSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SaveSoldier Security Service (SaveSoldierSvc) – Unknown owner – C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldierSvc.exe

Description: component of SaveSoldier (rogue antispyware program)

How to remove: use these SaveSoldier removal instructions.

WiniShieldSvc.exe is a component of WiniShield

Saturday, August 15th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: WiniShieldSvc
Filename: WiniShieldSvc.exe
Command: C:\Program Files\WiniShield Software\WiniShield\WiniShieldSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: WiniShield Security Service (WiniShieldSvc) – Unknown owner – C:\Program Files\WiniShield Software\WiniShield\WiniShieldSvc.exe

Description: component of WiniShield (rogue antispyware program)

How to remove: use these WiniShield removal instructions

svchast.exe is a component of Windows Antivirus Pro

Monday, July 27th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: svchast
Filename: svchast.exe
Command: C:\WINDOWS\svchast.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: AntipyPro_12 (AntipPro2009_12) – Unknown owner – C:\WINDOWS\svchast.exe

Combofix/RSIT Line:

S2 AntipPro2009_12;AntipyPro_12; C:\WINDOWS\svchast.exe

Description: component of Windows Antivirus Pro (fake antivirus program)

How to remove: use these Windows Antivirus Pro removal instructions.

WiniFighterSvc.exe is component of WiniFighter

Friday, July 10th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: WiniFighterSvc
Filename: WiniFighterSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winifightersvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\winifightersvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winifightersvc

Command: C:\Program Files\WiniFighter Software\WiniFighter\WiniFighterSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: WiniFighter Security Service (WiniFighterSvc) – Unknown owner – C:\Program Files\WiniFighter Software\WiniFighter\WiniFighterSvc.exe

How to remove: use these WiniFighter removal instructions.

drv.sys is worm Koobface

Saturday, July 4th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: drv
Filename: drv.sys
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DRV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | drv

Command: c:\program files\drv\drv.sys
Startup Type: driver, svchost
Combofix/RSIT Line:

R1 drvdrv;drvdrv;c:\program files\drv\drv.sys [7/1/2009 2:55 PM 9344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
drv REG_MULTI_SZ drv

Description: worm Koobface also known as Win32.Agent.auoy, Trojan-Dropper.Agent

How to remove: use Malwarebytes Antimalware

msncache is a trojan component

Saturday, June 27th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: msncache
Startup Type: Service (svchost)
Combofix/RSIT Line:

R2 msncache;msncache; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]

Description: Unknown trojan component