HT Logs. Tips, FAQs, Analyze.

ccagent.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: ccagent
Filename: ccagent.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | ccagent.exe

Command: C:\Documents and Settings\user\Application Data\Control Components\ccagent.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [ccagent.exe] C:\Documents and Settings\user\Application Data\Control Components\ccagent.exe

DDS Line:

uRun: [ccagent.exe] C:\Documents and Settings\user\Application Data\Control Components\ccagent.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ccagent.exe”=C:\Documents and Settings\user\Application Data\Control Components\ccagent.exe

Description: core component of Control Components (also known as Control Center). Control Components is a fake Windows optimization program.

How to remove: use these Control Components removal instructions.

Security Guard – SG[random].exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SG[random]
Filename: SG[random].exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Security Guard

Command: C:\Documents and Settings\All Users\Application Data\17c1f\SGf9a.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Security Guard] “C:\Documents and Settings\All Users\Application Data\17c1f\SGf9a.exe” /s /d

DDS Line:

uRun: [Security Guard] C:\Documents and Settings\All Users\Application Data\17c1f\SGf9a.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Security Guard”=C:\Documents and Settings\All Users\Application Data\17c1f\SGf9a.exe

Description: core component of Security Guard. Security Guard is a rogue antispyware progrm.

How to remove: use these Security Guard removal instructions.

Virdef.net is a malicious website

The site was created to spread Antivirus Soft. If your browser is redirected to Virdef.net, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 193.33.115.89
Site addess: Virdef.net
Description: Virdef.net is not related with legitimate security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

info-defender.com is a malicious website

The site was created to spread Antivirus Soft. If your browser is redirected to info-defender.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: info-defender.com
Description: info-defender.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

virus-cleaner.net is a malicious website

The site was created to spread Antivirus Soft. If your browser is redirected to virus-cleaner.net, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: virus-cleaner.net
Description: virus-cleaner.net is not related with legit security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

diskperfxp.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: diskperfxp
Filename: diskperfxp.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | diskperfxp.exe

Command: %UserProfile%\LOCALS~1\Temp\diskperfxp.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [diskperfxp.exe] C:\DOCUME~1\user\LOCALS~1\Temp\diskperfxp.exe

DDS Line:

uRun: [diskperfxp.exe] C:\DOCUME~1\user\LOCALS~1\Temp\diskperfxp.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“diskperfxp.exe”=C:\DOCUME~1\user\LOCALS~1\Temp\diskperfxp.exe

Description: trojan fakeAlert that displays a lot fake security alerts and downloads and installs User Protection onto your computer. User Protection is a rogue antispyware program.

How to remove: use these User Protection removal instructions.

usrprot.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: usrprot
Filename: usrprot.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | User Protection

Command: C:\Program Files\User Protection\usrprot.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [User Protection] “C:\Program Files\User Protection\usrprot.exe” -noscan

DDS Line:

uRun: [User Protection] C:\Program Files\User Protection\usrprot.exe

Combofix/RSIT Line:

<[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "User Protection"=C:\Program Files\User Protection\usrprot.exe

Description: core component of User Protection. User Protection is a rogue antispyware program.

How to remove: use these User Protection removal instructions.

ave.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: ave
Filename: ave.exe
Registry key:

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\secfile

Command: %Appdata%\ave.exe
Startup Type: File associations
Description: core component of Total Vista Security (Vista Security Tool 2010). Total Vista Security (Vista Security Tool 2010) is a rogue antispyware program.

How to remove: use these ave.exe removal instructions.

infoprotector.net is a malicious website

The site was created to spread Antivirus Soft. If your browser is redirected to infoprotector.net, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 195.88.190.54
Site addess: infoprotector.net
Description: infoprotector.net is not related with legitimate security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called THREATNAME.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Info-protector.com is a malicious website

The site was created to spread Antivirus Soft. If your browser is redirected to Info-protector.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: Info-protector.com
Description: Info-protector.com is not related with legit Security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.