Archive for the 'Rogue Antispyware/Antivirus' Category

« Previous Entries
Next Entries »

What is UpdateExplorer.dll, How to remove UpdateExplorer.dll

Friday, March 12th, 2010

UpdateExplorer.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: UpdateExplorer
Filename: UpdateExplorer.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}

Command: C:\Windows\System32\UpdateExplorer.dll
CLSID: {E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: &UpdateCheck.dll – {E2BFE352-A303-4EA8-88FE-CE35361D7E8B} – C:\Windows\System32\UpdateExplorer.dll

DDS Line:

BHO: &UpdateCheck.dll: {E2BFE352-A303-4EA8-88FE-CE35361D7E8B} – C:\Windows\System32\UpdateExplorer.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}]
UpdateCheck.dll – C:\Windows\System32\UpdateExplorer.dll

Description: malicious add-on to Internet Explorer that installed by Antivirus 7. Antivirus 7 is a rogue antispyware program.

How to remove: use these Antivirus 7 removal instructions.

Posted in BHO, O2, Rogue Antispyware/Antivirus | No Comments »

What is antivirus7.exe, How to remove antivirus7.exe

Friday, March 12th, 2010

antivirus7.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: antivirus7
Filename: antivirus7.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AV7

Command: C:\Program Files\AV7\antivirus7.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [AV7] C:\Program Files\AV7\antivirus7.exe

DDS Line:

uRun: [AV7] C:\Program Files\AV7\antivirus7.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“AV7″=C:\Program Files\AV7\antivirus7.exe

Description: core component of Antivirus 7. Antivirus 7 is a rogue antispyware program.

How to remove: use these Antivirus 7 removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | 2 Comments »

What is pc-inspector.net, How to remove pc-inspector.net

Friday, March 12th, 2010

pc-inspector.net is a malicious website

remove The site was created to spread Antivirus Soft. If your browser is redirected to pc-inspector.net, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: pc-inspector.net
Description: pc-inspector.net is not related with legit company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Posted in Rogue Antispyware/Antivirus | Comments Off on What is pc-inspector.net, How to remove pc-inspector.net

What is av-2010.com, How to remove av-2010.com

Friday, March 12th, 2010

av-2010.com is a malicious website

remove The site was created to spread Antivirus Soft. If your browser is redirected to av-2010.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: av-2010.com
Description: av-2010.com is not related with legitimate security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called THREATNAME.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Posted in Rogue Antispyware/Antivirus | No Comments »

What is protectsoft.net, How to remove protectsoft.net

Friday, March 12th, 2010

protectsoft.net is a malicious website

remove The site was created to spread Antivirus Soft. If your browser is redirected to protectsoft.net, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 195.88.190.54
Site addess: protectsoft.net
Description: protectsoft.net is not related with legit security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SmartSecurity.exe, How to remove SmartSecurity.exe

Wednesday, March 10th, 2010

SmartSecurity is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SmartSecurity
Filename: SmartSecurity.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SmartSecurity

Command: C:\Program Files\Smart Security\SmartSecurity.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SmartSecurity] C:\Program Files\Smart Security\SmartSecurity.exe

DDS Line:

uRun: [SmartSecurity] C:\Program Files\Smart Security\SmartSecurity.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SmartSecurity”=C:\Program Files\Smart Security\SmartSecurity.exe

Description: core component of SmartSecurity. SmartSecurity (Smart Security) is a rogue antispyware program.

How to remove: use these SmartSecurity removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

CleanUp Antivirus – CUA[random].exe

Wednesday, March 10th, 2010

CUA[random].exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: CleanUp Antivirus
Filename: CUA[random].exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | CleanUp Antivirus

Command: C:\Documents and Settings\All Users\Application Data\9be96\CU515.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [CleanUp Antivirus] “C:\Documents and Settings\All Users\Application Data\9be96\CU515.exe” /s /d

DDS Line:

uRun: [CleanUp Antivirus] C:\Documents and Settings\All Users\Application Data\9be96\CU515.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“CleanUp Antivirus”=C:\Documents and Settings\All Users\Application Data\9be96\CU515.exe

Description: core component of CleanUp Antivirus. CleanUp Antivirus is a fake antivirus program, that also known as rogue antispyware.

How to remove: use these CleanUp Antivirus removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is AV-Guru.net, How to remove AV-Guru.net

Sunday, March 7th, 2010

AV-Guru.net is a malicious website

remove The site was created to spread Antivirus Soft. If your browser is redirected to AV-Guru.net, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: AV-Guru.net
Description: AV-Guru.net is not related with legit security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Posted in Rogue Antispyware/Antivirus | No Comments »

What is avcommand.net, How to remove avcommand.net

Monday, March 1st, 2010

avcommand.net is a malicious website

remove The site was created to spread Antivirus Soft. If your browser is redirected to avcommand.net, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 79.135.152.5
Site addess: avcommand.net
Description: avcommand.net is not related with legitimate security company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Soft.

How to remove: use these Antivirus Soft removal instructions in order to remove this infection.

Posted in Rogue Antispyware/Antivirus | No Comments »

What is drguard.exe, How to remove drguard.exe

Sunday, February 28th, 2010

drguard.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: drguard
Filename: drguard.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Dr. Guard

Command: C:\Program Files\Dr. Guard\drguard.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Dr. Guard] “C:\Program Files\Dr. Guard\drguard.exe” -noscan

DDS Line:

uRun: [Dr. Guard] C:\Program Files\Dr. Guard\drguard.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Dr. Guard”=C:\Program Files\Dr. Guard\drguard.exe

Description: core component of Dr. Guard. Dr. Guard is a rogue antispyware program.

How to remove: use these Dr. Guard removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »