HT Logs. Tips, FAQs, Analyze.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SecuritySoldier
Filename: SecuritySoldier.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SecuritySoldier

Command: C:\Program Files\SecuritySoldier Software\SecuritySoldier\SecuritySoldier.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SecuritySoldier] C:\Program Files\SecuritySoldier Software\SecuritySoldier\SecuritySoldier.exe -min

Description: main component of SecuritySoldier rogue antispyware program

How to remove: use these SecuritySoldier removal instructions

SecurityFighter.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SecurityFighter
Filename: SecurityFighter.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SecurityFighter

Command: C:\Program Files\SecurityFighter Software\SecurityFighter\SecurityFighter.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SecurityFighter] C:\Program Files\SecurityFighter Software\SecurityFighter\SecurityFighter.exe -min

Description: main file of SecurityFighter fake antispyware program

How to remove: use these SecurityFighter removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: wsn
Filename: wsn.bat
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | RANDOM NUMBERS

Command: C:\ProgramData\gra\wsn.bat
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [RANDOM NUMBERS] C:\ProgramData\gwr\wsn.bat
O4 – HKCU\..\Run: [RANDOM NUMBERS] C:\ProgramData\gra\wsn.bat

Description: component of Green AV rogue antivirus/antispyware program

How to remove: use these Green AV removal instructions

wsga05.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: wsga05
Filename: wsga05.exe
Command: C:\ProgramData\gra\wsga05.exe
Description: trojan Agent installed by Green AV fake antivirus program

How to remove: use these Green AV removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveArmor
Filename: SaveArmor.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SaveArmor

Command: C:\Program Files\SaveArmor Software\SaveArmor\SaveArmor.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SaveArmor] C:\Program Files\SaveArmor Software\SaveArmor\SaveArmor.exe -min

Description: main component of SaveArmor rogue antispyware program

How to remove: use these SaveArmor removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveDefender
Filename: SaveDefender.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SaveDefender

Command: C:\Program Files\SaveDefender Software\SaveDefender\SaveDefender.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SaveDefender] C:\Program Files\SaveDefender Software\SaveDefender\SaveDefender.exe -min

Description: main file of SaveDefender rogue antispyware program

How to remove: use these SaveDefender removal instructions

mradll.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: mradll
Filename: mradll.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | RANDOM CHARACTERS

Command: C:\Documents and Settings\All Users\Application Data\gra\mradll.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [RANDOM CHARACTERS] C:\Documents and Settings\All Users\Application Data\gra\mradll.exe

Description: component of Green AV also known as Green Antivirus (rogue antispyware program)

How to remove: use these Green AV removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: rwg
Filename: rwg.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | RANDOM CHARACTERS

Command: C:\Documents and Settings\All Users\Application Data\gwr\rwg.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [RANDOM CHARACTERS] C:\Documents and Settings\All Users\Application Data\gwr\rwg.exe

Description: component of Green AV rogue antivirus program

How to remove: use these Green AV removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: WStech
Filename: WStech.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DBD8CB-DF8A-4992-A655-B155216F6AFB}

Command: C:\Documents and Settings\All Users\Application Data\gra\WStech.dll
CLSID: {A5DBD8CB-DF8A-4992-A655-B155216F6AFB}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: WStechB – {A5DBD8CB-DF8A-4992-A655-B155216F6AFB} – C:\Documents and Settings\All Users\Application Data\gra\WStech.dll

Description: trojan FakeAlert that installed by Green AV rogue antispyware program

How to remove: use these Green AV removal instructions

TrustWarrior.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TrustWarrior
Filename: TrustWarrior.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | TrustWarrior

Command: C:\Program Files\TrustWarrior Software\TrustWarrior\TrustWarrior.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [TrustWarrior] C:\Program Files\TrustWarrior Software\TrustWarrior\TrustWarrior.exe -min

Description: main component of TrustWarrior rogue antispyware software that detects false scan results and displays fake security alerts as a method of scaring you into buying the software.

How to remove: use these TrustWarrior removal instructions.