February 9th, 2010 O4, Rogue Antispyware/Antivirus, Run
advanceddefender.exe is a harmful program.
Name: advanceddefender
Filename: advanceddefender.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | advanceddefender
Command: C:\Program Files\Advanced Defender\advanceddefender.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [advanceddefender] C:\Program Files\Advanced Defender\advanceddefender.exe
DDS Line:
mRun: [advanceddefender] C:\Program Files\Advanced Defender\advanceddefender.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"advanceddefender"=C:\Program Files\Advanced Defender\advanceddefender.exe
Description: core component of Advanced Defender. Advanced Defender is a rogue antispyware program.
How to remove: use these Advanced Defender removal instructions.
February 8th, 2010 O4, Rogue Antispyware/Antivirus, Run
pav.exe is a harmful program.
Name: pav
Filename: pav.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Paladin Antivirus
Command: C:\Program Files\Paladin Antivirus\pav.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [Paladin Antivirus] "C:\Program Files\Paladin Antivirus\pav.exe" -noscan
DDS Line:
uRun: [Paladin Antivirus] "C:\Program Files\Paladin Antivirus\pav.exe" -noscan
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Paladin Antivirus"=C:\Program Files\Paladin Antivirus\pav.exe
Description: core component of Paladin Antivirus. Paladin Antivirus is a rogue antispyware program.
How to remove: use these Paladin Antivirus removal instructions.
February 7th, 2010 O4, Run, Worm
freddy84.exe is a harmful program.
Name: freddy84
Filename: freddy84.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray
Command: C:\windows\freddy84.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy84.exe
DDS Line:
mRun: [sysfbtray] C:\windows\freddy84.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"sysfbtray"=C:\windows\freddy84.exe
Description: part of the Koobface worm.
How to remove: use these Koobface removal instructions.
February 7th, 2010 Rogue Antispyware/Antivirus
Livesoftrock.microsoft.com is a malicious website
The site was created to spread Antivirus Soft. If your browser is redirected to Livesoftrock.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.
Site address: Livesoftrock.microsoft.com
Description: Livesoftrock.microsoft.com is not related to Microsoft and can only be seen on infected computers. The site is used to promote the rogue antispyware program called Antivirus Soft. Antivirus Soft is a rogue antispyware program.
How to remove: use these Antivirus Soft removal instructions in order to remove this infection.
February 7th, 2010 O4, Startup folder, Trojan
netuza32.exe is a harmful program.
Name: netuza32
Filename: netuza32.exe
Command: %UserProfile%\start menu\programs\startup\netuza32.exe
Startup Type: Startup Folder
HijackThis Category: O4
HijackThis Line:
O4 - Startup: netuza32.exe
DDS Line:
StartupFolder: c:\documents and settings\user\start menu\programs\startup\netuza32.exe
Combofix/RSIT Line:
C:\Documents and Settings\user\Start Menu\Programs\Startup
netuza32.exe
Description: trojan
How to remove: use HijackThis + Kaspersky virus removal tool
February 5th, 2010 O4, Rogue Antispyware/Antivirus, Run
SafePcAv.exe is a harmful program.
Name: SafePcAv
Filename: SafePcAv.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SafePcAv
Command: C:\Program Files\SafePcAv Software\SafePcAv\SafePcAv.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [SafePcAv] C:\Program Files\SafePcAv Software\SafePcAv\SafePcAv.exe -min
DDS Line:
uRun: [SafePcAv] C:\Program Files\SafePcAv Software\SafePcAv\SafePcAv.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SafePcAv"=C:\Program Files\SafePcAv Software\SafePcAv\SafePcAv.exe
Description: core part of SafePcAv. SafePcAv is a rogue antispyware program.
How to remove: use these SafePcAv removal instructions.
February 3rd, 2010 O4, Rogue Antispyware/Antivirus, Run
adgamma.exe is a harmful program.
Name: adgamma
Filename: adgamma.exe
Registry key:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run | Adobe Loader
Command: C:\Program Files\adgamma.exe
Startup Type: HKUS->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKUS\S-1-5-18\..\Run: [Adobe Loader] C:\Program Files\adgamma.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Adobe Loader] C:\Program Files\adgamma.exe (User 'Default user')
Combofix/RSIT Line:
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Loader"="c:\program files\adgamma.exe" [2010-02-02 39936]
Description: trojan downloader that is installed with Your PC Protector. Your PC Protector is a rogue antispyware program.
How to remove: use these Your PC Protector removal instructions.
February 3rd, 2010 File associations, Rogue Antispyware/Antivirus
alggui.exe is a harmful program.
Name: alggui
Filename: alggui.exe
Registry key:
HKEY_CLASSES_ROOT\exefile\shell\open\command
Command: C:\Program Files\alggui.exe
Startup Type: File associations
DDS/Combofix/RSIT Line:
.exe - open - C:\Program Files\alggui.exe "%1" %*
Description: component of Your PC Protector. Your PC Protector is a rogue antispyware program.
How to remove: use these Your PC Protector removal instructions.
February 3rd, 2010 BHO, O2, Rogue Antispyware/Antivirus
adc32.dll is a harmful program.
Name: adc32
Filename: adc32.dll
Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}
Command: C:\Program Files\adc32.dll
CLSID: {77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 - BHO: ICQSys (ADC PlugIn) - {77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02} - C:\Program Files\adc32.dll
DDS Line:
BHO: ADC PlugIn: {77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02} - C:\Program Files\adc32.dll
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}]
ADC PlugIn - C:\Program Files\adc32.dll [2010-02-04 958464]
Description: malicious BHO add-on for Internet Explorer that is installed by Your PC Protector. Your PC Protector is a rogue antispyware program.
How to remove: use these Your PC Protector removal instructions.
February 3rd, 2010 Rogue Antispyware/Antivirus
Your PC Protector.exe is a harmful program.
Name: Your PC Protector
Filename: Your PC Protector.exe
Command: C:\Program Files\Your PC Protector\Your PC Protector.exe
Description: core part of Your PC Protector. Your PC Protector is a rogue antispyware program.
How to remove: use these Your PC Protector removal instructions.