HT Logs. Tips, FAQs, Analyze.

mdefense.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: mdefense
Filename: mdefense.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Malware Defense

Command: C:\Program Files\Malware Defense\mdefense.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Malware Defense] “C:\Program Files\Malware Defense\mdefense.exe” -noscan

DDS Line:

uRun: [Malware Defense] C:\Program Files\Malware Defense\mdefense.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Malware Defense”=C:\Program Files\Malware Defense\mdefense.exe [2009-12-20 1756088]

Description: core component of Malware Defense. Malware Defense is a rogue antispyware program.

How to remove: use these Malware Defense removal instructions.

SysDefence.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SysDefence
Filename: SysDefence.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SysDefence.exe

Command: C:\Program Files\SysDefence Software\SysDefence\SysDefence.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SysDefence.exe] C:\Program Files\SysDefence Software\SysDefence\SysDefence.exe

DDS Line:

uRun: [SysDefence.exe] C:\Program Files\SysDefence Software\SysDefence\SysDefence.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SysDefence.exe”=C:\Program Files\SysDefence Software\SysDefence\SysDefence.exe [2009-12-17 1638912]

Description: core component of SysDefence. SysDefence is positioned as an anti-spyware software, but in reality it is a malicious program, which must be removed immediately after getting on the computer!

How to remove: use these SysDefence removal instructions.

TheDefend.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TheDefend
Filename: TheDefend.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | TheDefend.exe

Command: C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [TheDefend.exe] C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe

DDS Line:

uRun: [TheDefend.exe] C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“TheDefend.exe”=C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe [2009-12-17 1638912]

Description: core component of TheDefend. TheDefend is positioned as a program to remove malware, but in reality it is a malicious program, which must be removed immediately after getting on the computer!

How to remove: use these TheDefend removal instructions.

winsecurepro2010.microsoft.com is a malicious website

The site was created to spread Antivirus Live. If your browser is redirected to winsecurepro2010.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Site addess: winsecurepro2010.microsoft.com
Description: winsecurepro2010.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus Live.

How to remove: use these Antivirus Live removal instructions in order to remove this infection.

GuardPcs.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: GuardPcs
Filename: GuardPcs.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | GuardPcs.exe

Command: C:\Program Files\GuardPcs Software\GuardPcs\GuardPcs.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [GuardPcs.exe] C:\Program Files\GuardPcs Software\GuardPcs\GuardPcs.exe

DDS Line:

uRun: [GuardPcs.exe] C:\Program Files\GuardPcs Software\GuardPcs\GuardPcs.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“GuardPcs.exe”=C:\Program Files\GuardPcs Software\GuardPcs\GuardPcs.exe [2009-12-15 1638912]

Description: core component of GuardPcs. GuardPcs is a rogue antispyware program.

How to remove: use these GuardPcs removal instructions.

IGuardPc.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: IGuardPc
Filename: IGuardPc.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | IGuardPc.exe

Command: C:\Program Files\IGuardPc Software\IGuardPc\IGuardPc.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [IGuardPc.exe] C:\Program Files\IGuardPc Software\IGuardPc\IGuardPc.exe

DDS Line:

uRun: [IGuardPc.exe] C:\Program Files\IGuardPc Software\IGuardPc\IGuardPc.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“IGuardPc.exe”=C:\Program Files\IGuardPc Software\IGuardPc\IGuardPc.exe [2009-12-12 1798144]

Description: core component of IGuardPc. IGuardPc is a rogue antispyware program.

How to remove: use these IGuardPc removal instructions.

IS2010.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: IS2010
Filename: IS2010.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Internet Security 2010

Command: C:\Program Files\InternetSecurity2010\IS2010.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe

DDS Line:

uRun: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Internet Security 2010″=C:\Program Files\InternetSecurity2010\IS2010.exe [2009-12-11 1391616]

Description: core component of Internet Security 2010. Internet Security 2010 is a rogue antispyware program.

How to remove: use these Internet Security 2010 removal instructions.

SiteAdware.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SiteAdware
Filename: SiteAdware.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SiteAdware.exe

Command: C:\Program Files\SiteAdware Software\SiteAdware\SiteAdware.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SiteAdware.exe] C:\Program Files\SiteAdware Software\SiteAdware\SiteAdware.exe

DDS Line:

uRun: [SiteAdware.exe] C:\Program Files\SiteAdware Software\SiteAdware\SiteAdware.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SiteAdware.exe”=C:\Program Files\SiteAdware Software\SiteAdware\SiteAdware.exe [2009-12-11 1638912]

Description: core component of SiteAdware. SiteAdware is a rogue antispyware program.

How to remove: use these SiteAdware removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: name
Filename: filename
Registry key:

Command: C:\Documents and Settings\All Users\Application Data\RANDOM_NUMBERS\RANDOM_NUMBERS.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [RANDOM_NUMBERS] C:\Documents and Settings\All Users\Application Data\RANDOM_NUMBERS\RANDOM_NUMBERS.exe

DDS Line:

mRun: [RANDOM_NUMBERS] C:\Documents and Settings\All Users\Application Data\RANDOM_NUMBERS\RANDOM_NUMBERS.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“RANDOM_NUMBERS”=C:\Documents and Settings\All Users\Application Data\RANDOM_NUMBERS\RANDOM_NUMBERS.exe

Description: core component of Security Tool. Security Tool is a rogue antispyware program.

How to remove: use these Security Tool removal instructions.

AntiTroy.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: AntiTroy
Filename: AntiTroy.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | antitroy.exe

Command: C:\Program Files\AntiTroy Software\AntiTroy\AntiTroy.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [antitroy.exe] C:\Program Files\AntiTroy Software\AntiTroy\AntiTroy.exe

DDS Line:

uRun: [antitroy.exe] C:\Program Files\AntiTroy Software\AntiTroy\AntiTroy.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“antitroy.exe”=C:\Program Files\AntiTroy Software\AntiTroy\AntiTroy.exe

Description: core component of AntiTroy. AntiTroy is a rogue antispyware program.

How to remove: use these AntiTroy removal instructions.