Archive for the 'Rogue Antispyware/Antivirus' Category
Thursday, August 27th, 2009
This is a harmful program.
Name: SaveDefense
Filename: SaveDefense.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SaveDefense
Command: C:\Program Files\SaveDefense Software\SaveDefense\SaveDefense.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [SaveDefense] C:\Program Files\SaveDefense Software\SaveDefense\SaveDefense.exe -min
Description: main file of SaveDefense (rogue antispyware software)
How to remove: use these SaveDefense removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, August 27th, 2009
This is a harmful program.
Name: TrustNinjaSvc
Filename: TrustNinjaSvc.exe
Command: C:\Program Files\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:
O23 – Service: TrustNinja Security Service (TrustNinjaSvc) – Unknown owner – C:\Program Files\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe
Description: component of TrustNinja (rogue antispyware program)
How to remove: use these TrustNinja removal instructions.
Posted in O23, Rogue Antispyware/Antivirus, Service | No Comments »
Tuesday, August 25th, 2009
This is a harmful program.
Name: TrustNinja
Filename: TrustNinja.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | TrustNinja
Command: C:\Program Files\TrustNinja Software\TrustNinja\TrustNinja.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [TrustNinja] C:\Program Files\TrustNinja Software\TrustNinja\TrustNinja.exe -min
Description: main file of TrustNinja (rogue antispyware software)
How to remove: use these TrustNinja removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, August 25th, 2009
This is a harmful program.
Name: SaveSoldierSvc
Filename: SaveSoldierSvc.exe
Command: C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldierSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:
O23 – Service: SaveSoldier Security Service (SaveSoldierSvc) – Unknown owner – C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldierSvc.exe
Description: component of SaveSoldier (rogue antispyware program)
How to remove: use these SaveSoldier removal instructions.
Posted in O23, Rogue Antispyware/Antivirus, Service | No Comments »
Tuesday, August 25th, 2009
This is a harmful program.
Name: SaveSoldier
Filename: SaveSoldier.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SaveSoldier
Command: C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldier.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [SaveSoldier] C:\Program Files\SaveSoldier Software\SaveSoldier\SaveSoldier.exe -min
Description: main file of SaveSoldier (rogue antispyware program)
How to remove: use these SaveSoldier removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, August 25th, 2009
This is a harmful program.
Name: brey1eza
Filename: brey1eza.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | brey1eza.exe
Command: %UserProfile%\LOCALS~1\Temp\brey1eza.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [brey1eza.exe] C:\DOCUME~1\PEDROA~1\LOCALS~1\Temp\brey1eza.exe
Description: trojan that installed with SaveSoldier (rogue antispyware program)
How to remove: use these SaveSoldier removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run, Trojan | No Comments »
Saturday, August 15th, 2009
This is a harmful program.
Name: WiniShieldSvc
Filename: WiniShieldSvc.exe
Command: C:\Program Files\WiniShield Software\WiniShield\WiniShieldSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:
O23 – Service: WiniShield Security Service (WiniShieldSvc) – Unknown owner – C:\Program Files\WiniShield Software\WiniShield\WiniShieldSvc.exe
Description: component of WiniShield (rogue antispyware program)
How to remove: use these WiniShield removal instructions
Posted in O23, Rogue Antispyware/Antivirus, Service | No Comments »
Saturday, August 15th, 2009
This is a harmful program.
Name: WiniShield
Filename: WiniShield.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | WiniShield
Command: C:\Program Files\WiniShield Software\WiniShield\WiniShield.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [WiniShield] C:\Program Files\WiniShield Software\WiniShield\WiniShield.exe -min
Description: main component of WiniShield (rogue antispyware program)
How to remove: use these WiniShield removal instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Monday, August 3rd, 2009
This is a harmful program.
Name: PC_Antispyware2010
Filename: PC_Antispyware2010.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PC Antispyware 2010
Command: C:\Program Files\PC_Antispyware2010\PC_Antispyware2010.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [PC Antispyware 2010] “C:\Program Files\PC_Antispyware2010\PC_Antispyware2010.exe” /hide
Description: main file of PC Antispyware 2010 (rogue antispyware program)
How to remove: use these PC Antispyware 2010 removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | 3 Comments »
Monday, July 27th, 2009
This is a harmful program.
Name: desot
Filename: desot.exe
Registry key:
HKEY_CLASSES_ROOT\exefile\shell\open\command
Command: D:\WINDOWS\system32\desot.exe
Startup Type: File associations
Combofix/RSIT Line:
.exe – open – D:\WINDOWS\system32\desot.exe “%1” %*
Description: component of Windows Antivirus Pro (rogue antivirus program)
How to remove: use these Windows Antivirus Pro removal instructions.
Posted in File associations, Rogue Antispyware/Antivirus | 16 Comments »
