Archive for the 'Rogue Antispyware/Antivirus' Category
Monday, July 27th, 2009
This is a harmful program.
Name: svchast
Filename: svchast.exe
Command: C:\WINDOWS\svchast.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:
O23 – Service: AntipyPro_12 (AntipPro2009_12) – Unknown owner – C:\WINDOWS\svchast.exe
Combofix/RSIT Line:
S2 AntipPro2009_12;AntipyPro_12; C:\WINDOWS\svchast.exe
Description: component of Windows Antivirus Pro (fake antivirus program)
How to remove: use these Windows Antivirus Pro removal instructions.
Posted in O23, Rogue Antispyware/Antivirus, Service | No Comments »
Sunday, July 26th, 2009
This is a harmful program.
Name: AVCare
Filename: AVCare.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AV Care
Command: C:\Program Files\AV Care\AvCare.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [AV Care] C:\Program Files\AV Care\AvCare.exe
Description: main file of AVCare (rogue antispyware program)
How to remove: use Malwarebytes` Anti-malware or use these AVCare removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, July 19th, 2009
This is a harmful program.
Name: HomeAntivirus2010
Filename: HomeAntivirus2010.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Home Antivirus 2010
Command: C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [Home Antivirus 2010] “C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe” /hide
Description: main file of Home Antivirus 2010 (rogue antispyware program)
How to remove: use these Home Antivirus 2010 removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, July 16th, 2009
This is a harmful program.
Name: MalwareRemoval
Filename: MalwareRemoval.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | MalwareRemoval
Command: C:\Program Files\MalwareRemoval\MalwareRemoval.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [MalwareRemoval] C:\Program Files\MalwareRemoval\MalwareRemoval.exe
Description: main file of Fake Microsoft Windows Malicious Software Removal Tool
How to remove: use Malwarebytes Antimalware
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, July 16th, 2009
This is a harmful program.
Name: AntiVirus_Pro
Filename: AntiVirus_Pro.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiVirus_ProNET
Command: C:\Program Files\AntiVirus_Pro\AntiVirus_Pro.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [AntiVirus_ProNET] C:\Program Files\AntiVirus_Pro\AntiVirus_Pro.exe
Description: main file of AntiVirusPro (fake antivirus software)
How to remove: use these AntiVirusPro removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, July 12th, 2009
This is a harmful program.
Name: PC_Security2009
Filename: PC_Security2009.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PC Security 2009
Command: C:\Program Files\PC_Security2009\PC_Security2009.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [PC Security 2009] “C:\Program Files\PC_Security2009\PC_Security2009.exe” /hide
Description: main file of PC Security 2009 (rogue antispyware program)
How to remove: use these PC Security 2009 removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Friday, July 10th, 2009
This is a harmful program.
Name: WiniFighterSvc
Filename: WiniFighterSvc.exe
Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winifightersvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\winifightersvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winifightersvc
Command: C:\Program Files\WiniFighter Software\WiniFighter\WiniFighterSvc.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:
O23 – Service: WiniFighter Security Service (WiniFighterSvc) – Unknown owner – C:\Program Files\WiniFighter Software\WiniFighter\WiniFighterSvc.exe
How to remove: use these WiniFighter removal instructions.
Posted in O23, Rogue Antispyware/Antivirus, Service | No Comments »
Friday, July 10th, 2009
This is a harmful program.
Name: WiniFighter
Filename: WiniFighter.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | WiniFighter
Command: C:\Program Files\WiniFighter Software\WiniFighter\WiniFighter.exe -min
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [WiniFighter] C:\Program Files\WiniFighter Software\WiniFighter\WiniFighter.exe -min
Description: main file of WiniFighter (rogue antispyware program)
How to remove: use these WiniFighter removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, July 9th, 2009
This is a harmful program.
Name: smrtdefp
Filename: smrtdefp.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Smart Defender PRO
Command: %appdata%\Smart Defender PRO\smrtdefp.exe
Startup Type: HKCU
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Smart Defender PRO] %appdata%\Smart Defender PRO\smrtdefp.exe
Description: main file of Smart Defender PRO (rogue antispyware software)
How to remove: use these Smart Defender PRO removal instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, July 7th, 2009
This is a harmful program.
Name: systemdb
Filename: systemdb.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | system
Command: C:\Windows\systemdb.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [system] C:\Windows\systemdb.exe
Description: main file of Barracuda Antivirus (rogue antispyware program)
How to remove: use Malwarebytes Antimalware
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
