winlogon.exe is a trojan, component of Personal Antivirus

Comments
March 18th, 2009 O4, Rogue Antispyware/Antivirus, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: winlogon
Filename: winlogon.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Microsoft Windows logon process

Command: C:\Documents and Settings\lab\Application Data\Microsoft\Windows\winlogon.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Microsoft Windows logon process] C:\Documents and Settings\lab\Application Data\Microsoft\Windows\winlogon.exe

Description: trojan, component of Personal Antivirus

How to remove: use the instructions How to remove Personal Antivirus (Uninstall instructions)

PerAvir.exe is a main component of Personal Antivirus

Comments
March 18th, 2009 O4, Rogue Antispyware/Antivirus, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: PerAvir
Filename: PerAvir.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Personal Antivirus

Command: C:\Program Files\Personal Antivirus\PerAvir.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Personal Antivirus] “C:\Program Files\Personal Antivirus\PerAvir.exe” /s

Description: main component of Personal Antivirus (rogue antivirus/antispyware program)

How to remove: use the instructions How to remove Personal Antivirus (Uninstall instructions)

wmptray.exe is a malware, component of WinCodecPro trojan

Comments
March 17th, 2009 Fake codec, O4, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: wmptray
Filename: wmptray.exe

Command: C:\Program Files\MediaSystem\wmptray.exe
Startup Type: HKLM->run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [WmpTray] C:\Program Files\MediaSystem\wmptray.exe

Description: component of WinCodecPro trojan

How to remove: use the instructions How to remove WinCodecPro trojan and wmptray.exe (fake media codec)

AutoPlay.exe is a autorun.inf trojan component

Comments
March 13th, 2009 O4, Startup folder, Trojan

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: AutoPlay
Filename: AutoPlay.exe
Startup Type: Startup folder
HijackThis Category: O4
HijackThis Line:

O4 – S-1-5-18 Startup: AutoPlay.exe (User ‘SYSTEM’)
O4 – .DEFAULT Startup: AutoPlay.exe (User ‘Default user’)
O4 – .DEFAULT User Startup: AutoPlay.exe (User ‘Default user’)

Description: autorun.inf trojan component

How to remove: Use HijackThis + use the instructions How to remove trojans that uses autorun.inf file

diarprof.exe is a malware

Comments
March 13th, 2009 Malware, O4, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: diarprof
Filename: diarprof.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [bo0pRSZ3e] diarprof.exe

Description: Unknown malware component

How to remove: Use HijackThis

qtplugin.exe is Trojan-Downloader.Win32.Agent.hmz Trojan

Comments
March 13th, 2009 O4, Run, Trojan

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: qtplugin
Filename: qtplugin.exe
Command: C:\WINDOWS\system32\qtplugin.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [RegistryMonitor1] C:\WINDOWS\system32\qtplugin.exe

Description: Trojan-Downloader.Win32.Agent.hmz Trojan

How to remove: Use HijackThis

distus40.exe is a malware

Comments
March 13th, 2009 Malware, O4, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: distus40
Filename: distus40.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [qFrf32V] distus40.exe

Description: Unknown malware component

How to remove: Use HijackThis

hdddriver.dll is a component of Malware Defender 2009

Comments
March 10th, 2009 O21, Rogue Antispyware/Antivirus, ShellServiceObjectDelayLoad

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: hdddriver
Filename: hdddriver.dll
Command: C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\Drivers\hdddriver.dll
CLSID: {8B2C743A-D44A-4A93-8233-ABEE8BF8ED62}
Startup Type: ShellServiceObjectDelayLoad
HijackThis Category: O21
HijackThis Line:

O21 – SSODL: HardwareDrivers – {8B2C743A-D44A-4A93-8233-ABEE8BF8ED62} – C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\Drivers\hdddriver.dll

Description: component of Malware Defender 2009

How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)

install.exe is a component of Malware Defender 2009

Comments
March 10th, 2009 O4, Rogue Antispyware/Antivirus, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: install
Filename: install.exe
Registry key:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“updater”=”C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe /u”

Command: C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [updater] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\install.exe /u

Description: component of Malware Defender 2009

How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)

malwaredef.exe is main component of Malware Defender 2009

Comments
March 10th, 2009 O4, Rogue Antispyware/Antivirus, Run

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: malwaredef
Filename: malwaredef.exe
Command: %programfiles%\Malware Defender 2009\malwaredef.exe
Startup Type:HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [malwaredef] C:\Program Files\Malware Defender 2009\malwaredef.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“malwaredef”=”C:\Program Files\Malware Defender 2009\malwaredef.exe”

Description: main component of Malware Defender 2009

How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)

« Previous Entries
Next Entries »