November 28th, 2009 Rogue Antispyware/Antivirus
sysguard2010.microsoft.com is a malicious website
The site was created to spread Antivirus System Pro. If your browser is redirected to sysguard2010.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.
Site address: sysguard2010.microsoft.com
Description: sysguard2010.microsoft.com is not affiliated with Microsoft and can only be seen on infected computers. The site is used to promote the rogue antispyware program called Antivirus System Pro.
How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.
November 27th, 2009 O4, Rogue Antispyware/Antivirus, Run
RESpyWare.exe is a harmful program.
Name: RESpyWare
Filename: RESpyWare.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | RESpyWare.exe
Command: C:\Program Files\RESpyWare Software\RESpyWare\RESpyWare.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [RESpyWare.exe] C:\Program Files\RESpyWare Software\RESpyWare\RESpyWare.exe
DDS Line:
uRun: [RESpyWare.exe] C:\Program Files\RESpyWare Software\RESpyWare\RESpyWare.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESpyWare.exe"=C:\Program Files\RESpyWare Software\RESpyWare\RESpyWare.exe [2009-11-28 1637888]
Description: core component of RESpyWare. RESpyWare is a rogue antispyware program.
How to remove: use these RESpyWare removal instructions.
November 27th, 2009 O4, Rogue Antispyware/Antivirus, Run
Antivir.exe is a harmful program.
Name: Antivir
Filename: Antivir.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AV
Command: C:\Program Files\AV\Antivir.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [AV] C:\Program Files\AV\Antivir.exe
DDS Line:
uRun: [AV] C:\Program Files\AV\Antivir.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AV"=C:\Program Files\AV\Antivir.exe
Description: core part of Antivir. Antivir is a rogue antispyware program.
How to remove: use these Antivir removal instructions.
November 26th, 2009 O4, Rogue Antispyware/Antivirus, Run
REAnti.exe is a harmful program.
Name: REAnti
Filename: REAnti.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | REAnti.exe
Command: C:\Program Files\REAnti Software\REAnti\REAnti.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [REAnti.exe] C:\Program Files\REAnti Software\REAnti\REAnti.exe
DDS Line:
uRun: [REAnti.exe] C:\Program Files\REAnti Software\REAnti\REAnti.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"REAnti.exe"=C:\Program Files\REAnti Software\REAnti\REAnti.exe [2009-11-27 1638400]
Description: core component of REAnti. REAnti is a rogue antispyware program.
How to remove: use these REAnti removal instructions.
November 24th, 2009 O4, Rogue Antispyware/Antivirus, Run
KeepCop.exe is a harmful program.
Name: KeepCop
Filename: KeepCop.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | KeepCop
Command: C:\Program Files\KeepCop Software\KeepCop\KeepCop.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [KeepCop] C:\Program Files\KeepCop Software\KeepCop\KeepCop.exe -min
DDS Line:
uRun: [KeepCop] C:\Program Files\KeepCop Software\KeepCop\KeepCop.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KeepCop"=C:\Program Files\KeepCop Software\KeepCop\KeepCop.exe
Description: core component of KeepCop. KeepCop is a rogue antispyware program.
How to remove: use these KeepCop removal instructions.
November 23rd, 2009 O4, Rogue Antispyware/Antivirus, Run
alpha.exe is a harmful program.
Name: alpha
Filename: alpha.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AAntivirus
Command: C:\Program Files\AAntivirus\alpha.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [AAntivirus] C:\Program Files\AAntivirus\alpha.exe
DDS Line:
uRun: [AAntivirus] C:\Program Files\AAntivirus\alpha.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AAntivirus"=C:\Program Files\AAntivirus\alpha.exe
Description: core component of Alpha Antivirus. Alpha Antivirus is a rogue antispyware program.
How to remove: use these Alpha Antivirus removal instructions.
November 23rd, 2009 BHO, O2, Rogue Antispyware/Antivirus
This is a harmful program.
Name: ExplorerImages
Filename: ExplorerImages.dll
Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
Command: C:\WINDOWS\system32\ExplorerImages.dll
CLSID: {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 - BHO: &Advanced Explorer Editor - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\WINDOWS\system32\ExplorerImages.dll
DDS Line:
BHO: &Advanced Explorer Editor - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\WINDOWS\system32\ExplorerImages.dll
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}]
Description: component of Alpha Antivirus that hijacks Internet Explorer. Alpha Antivirus is a rogue antispyware program.
How to remove: use these Alpha Antivirus removal instructions.
November 23rd, 2009 O4, Rogue Antispyware/Antivirus, Run
vec.exe is a harmful program.
Name: vec
Filename: vec.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | mxcll
Command: C:\Documents and Settings\All Users\Application Data\eca\vec.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [mxcll] C:\Documents and Settings\All Users\Application Data\eca\vec.exe
DDS Line:
mRun: [mxcll] C:\Documents and Settings\All Users\Application Data\eca\vec.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mxcll"=C:\Documents and Settings\All Users\Application Data\eca\vec.exe
Description: core component of Eco AntiVirus 2010. Eco AntiVirus 2010 is a rogue antispyware program.
How to remove: use these Eco AntiVirus 2010 removal instructions.
November 22nd, 2009 O4, Run, Worm
mstre24.exe is a harmful program.
Name: mstre24
Filename: mstre24.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SySmstray
Command: C:\windows\mstre24.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [SySmstray] C:\windows\mstre24.exe
DDS Line:
mRun: [SySmstray] c:\windows\mstre24.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SySmstray"=c:\windows\mstre24.exe
Description: component of the Koobface worm.
How to remove: use HijackThis + Malwarebytes' Anti-Malware.
November 20th, 2009 F3, Trojan, win.ini
Win.exe is a harmful program.
Name: Win
Filename: Win.exe
Command: C:\WINDOWS\system32\config\Win.exe
Startup Type: win.ini
HijackThis Category: F3
HijackThis Line:
F3 - REG:win.ini: run=C:\WINDOWS\system32\config\Win.exe
Description: trojan downloader
How to remove: use HijackThis + Malwarebytes' Anti-Malware.