Archive for the 'Rogue Antispyware/Antivirus' Category
Tuesday, March 10th, 2009
This is an harmful program.
Name: install
Filename: install.exe
Registry key:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“updater”=”C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe /u”
Command: C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [updater] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe /u
Description: component of Malware Defender 2009
How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, March 10th, 2009
This is an harmful program.
Name: malwaredef
Filename: malwaredef.exe
Command: %programfiles%\Malware Defender 2009\malwaredef.exe
Startup Type:HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [malwaredef] C:\Program Files\Malware Defender 2009\malwaredef.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“malwaredef”=”C:\Program Files\Malware Defender 2009\malwaredef.exe”
Description: main component of Malware Defender 2009
How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Friday, March 6th, 2009
This is an harmful program.
Name: proas2009
Filename: proas2009.exe
Command: C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Pro Antispyware 2009] “C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe” /autorun
Description: main file of Pro Antispyware 2009
Notes: Pro Antispyware 2009 is a rogue antispyware program
How to remove: use the instructions How to remove Pro Antispyware 2009 (Antispyware Pro 2009) Delete instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Friday, March 6th, 2009
This is an harmful program.
Name: AntiSpyware Pro
Filename: AntiSpyware Pro.exe
Command: C:\Program Files\AntiSpyware Pro\AntiSpyware Pro.exe
Startup Type: HKLM->run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [AntiSpyware Pro] “C:\Program Files\AntiSpyware Pro\AntiSpyware Pro.exe” hide
Description: main file Antispyware Pro 2009
Notes: Antispyware Pro 2009 is a rogue antispyware
How to remove: use the instructions How to remove Pro Antispyware 2009 (Antispyware Pro 2009) Delete instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Friday, March 6th, 2009
This is an harmful program.
Name: winconfig
Filename: winconfig.dll
Command: C:\Windows\System32\winconfig.dll
CLSID: {D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 – BHO: (no name) – {D263FA6D-84CC-48A8-9AF6-C664362B7A5B} – C:\Windows\System32\winconfig.dll
Description: trojan fake-alert, component of Antivirus 360
How to remove: use the instructions How to remove Antivirus 360
Posted in BHO, O2, Rogue Antispyware/Antivirus, Trojan | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: rkgnd
Filename: rkgnd.exe
Command: C:\Program Files\Common Files\System\mgnc\rkgnd.exe
Startup Type:HKLM->RunOnce
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\RunOnce: [39173992539183281] C:\Program Files\Common Files\System\mgnc\rkgnd.exe
Description: component of ANG AntiVirus 09
How to remove: use these instructions How to remove ANG AntiVirus 09 or use HijackThis
Posted in O4, Rogue Antispyware/Antivirus, RunOnce | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: angpd
Filename: angpd.exe
Command: C:\Program Files\Common Files\System\mgnc\angpd.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [62964419826679261] C:\Program Files\Common Files\System\mgnc\angpd.exe
Description: component of ANG AntiVirus 09
How to remove: use the instructions How to remove ANG AntiVirus 09 (Delete instructions) or use HijackThis.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: WiniGuard
Filename: WiniGuard.exe
Command: c:\program files\winiguard software\winiguard\WiniGuard.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [WiniGuard] “c:\program files\winiguard software\winiguard\WiniGuard.exe” -min
Description: main component of WiniGuard (rogue antispyware)
How to remove: use these instructions How to remove WiniGuard (Delete instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, March 1st, 2009
This is an harmful program.
Name: cfrog
Filename: cfrog.exe
Command: c:\windows\system32\cfrog.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [c:\windows\system32\cfrog.exe] c:\windows\system32\cfrog.exe
Description: component of WiniGuard
How to remove: Use HijackThis
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Saturday, February 28th, 2009
This is an harmful program.
Name: ExtSecurityCenter
Filename: ExtSecurityCenter.exe
Command: %programfiles%\VirusRemover2009\ExtSecurityCenter.exe
Description: component of VirusRemover2009
Notes:
ExtSecurityCenter.exe generates fake alerts, and the XP Security Center screen that looks like legitimate Windows Security Center
How to remove: How to remove VirusRemover2009 (Delete instructions)
Posted in Rogue Antispyware/Antivirus | No Comments »
