HT Logs. Tips, FAQs, Analyze.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: QuickHealCleaner
Filename: QuickHealCleaner.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | QuickHealCleaner

Command: C:\Program Files\QuickHealCleaner Software\QuickHealCleaner\QuickHealCleaner.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [QuickHealCleaner] C:\Program Files\QuickHealCleaner Software\QuickHealCleaner\QuickHealCleaner.exe -min

Description: main file of QuickHealCleaner. QuickHealCleaner is a rogue antispyware program that designed to scam people.

How to remove: use these QuickHealCleaner.exe removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemCopSvc
Filename: SystemCopSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SystemCopSvc

Command: C:\Program Files\SystemCop Software\SystemCop\SystemCopSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SystemCop Security Service (SystemCopSvc) – Unknown owner – C:\Program Files\SystemCop Software\SystemCop\SystemCopSvc.exe

Description: component of SystemCop (rogue antispyware program)

How to remove: use these SystemCop removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemCop
Filename: SystemCop.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SystemCop

Command: C:\Program Files\SystemCop Software\SystemCop\SystemCop.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SystemCop] C:\Program Files\SystemCop Software\SystemCop\SystemCop.exe -min

Description: main file of SystemCop (rogue antispyware program)

How to remove: use these SystemCop removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: svchasts
Filename: svchasts.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\antippro2009_100

Command: C:\WINDOWS\svchasts.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: AntipPro2009_100 (AntipyProex) – Unknown owner – C:\WINDOWS\svchasts.exe

Combofix/RSIT Line:

R2 AntipPro2009_100;AntipyProex; C:\WINDOWS\svchasts.exe [2009-08-31 163840]

Description: component of Windows Police Pro (rogue antispyware program)

How to remove: use these Windows Police Pro removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: desote
Filename: desote.exe
Registry key:

HKEY_CLASSES_ROOT\exefile\shell\open\command

Command: c:\windows\system32\desote.exe
Startup Type: File associations

.exe – open – C:\WINDOWS\system32\desote.exe “%1″ %*

Description: component of Windows Police Pro (rogue antispyware program) that blocks ability to run any programs.

How to remove: use these Windows Police Pro removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SM205
Filename: SM205.exe (Smart Virus Eliminator uses random file name to hide itself)
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Smart Virus Eliminator

Command: C:\Documents and Settings\All Users\Application Data\7d189\SM205.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Smart Virus Eliminator] “C:\Documents and Settings\All Users\Application Data\7d189\SM205.exe” /s /d

Description: main file of Smart Virus Eliminator

How to remove: use these Smart Virus Eliminator removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: WIa9ca
Filename: WIa9ca.exe (uses random filenames to hide itself)
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Windows Protection Suite

Command: C:\Documents and Settings\All Users\Application Data\a91c29\WIa9ca.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Windows Protection Suite] “C:\Documents and Settings\All Users\Application Data\a91c29\WIa9ca.exe” /s /d

Description: main file of Windows Protection Suite (rogue antispyware software)

How to remove: use these Windows Protection Suite removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: BlockDefenseSvc
Filename: BlockDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\blockdefensesvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\blockdefensesvc

Command: C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: BlockDefense Security Service (BlockDefenseSvc) – Unknown owner – C:\Program Files\BlockDefense Software\BlockDefense\BlockDefenseSvc.exe

Description: component of BlockDefense (rogue antispyware program)

How to remove: use these BlockDefense removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: BlockDefense
Filename: BlockDefense.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | BlockDefense

Command: C:\Program Files\BlockDefense Software\BlockDefense\BlockDefense.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [BlockDefense] C:\Program Files\BlockDefense Software\BlockDefense\BlockDefense.exe -min

Description: main file of BlockDefense (rogue antispyware program)

How to remove: use these BlockDefense removal instructions.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SaveDefenseSvc
Filename: SaveDefenseSvc.exe
Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SaveDefenseSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaveDefenseSvc

Command: C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: SaveDefense Security Service (SaveDefenseSvc) – Unknown owner – C:\Program Files\SaveDefense Software\SaveDefense\SaveDefenseSvc.exe

Description: component of SaveDefense (rogue antispyware program)

How to remove: use these SaveDefense removal instructions.