HT Logs. Tips, FAQs, Analyze.

msansspc.dll is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: msansspc
Filename: msansspc.dll
Registry key:

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders | “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

Command: C:\WINDOWS\system32\msansspc.dll
Startup Type: SecurityProviders
Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
“SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

Description: trojan

How to remove: use Malwarebytes Anti-malware.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: vdac
Filename: vdac.cmd
Registry key: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{781ab33f-85fd-11dd-98e0-0015afe71045}
Command: J:\vdac.cmd
Startup Type: autorun.inf
Description: autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: nqecmus
Filename: nqecmus.exe
Registry key: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30f0e414-95d0-11dd-992b-001f3ad30b24}
Startup Type: autorun.inf
Description: autorun.inf trojan component
Threat Alias:

Generic.dx [McAfee]
Packed/NSPack [PC Tools]
WORM_NSPACK.AG [Trend Micro]

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: y82td3td
Filename: y82td3td.com
Registry key: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{156348aa-6f7d-11dd-a36f-ffb4bd6902f1}
Command: G:\y82td3td.com
Startup Type: autorun.inf
Description: autorun.inf trojan component
Threat Aliases:

Trojan.Lineage.Gen!Pac.3 [PC Tools]
Mal/EncPk-CE [Sophos]
PWS-Gamania.gen.a [McAfee]
PWS-LegMir.gen.k [McAfee]
PWS:Win32/Frethog.gen!L [Microsoft]
Trojan.Packed.NsAnti [Symantec]
Worm.Win32.AutoRun.cva [Kaspersky Lab]
Mal_NSAnti-1 [Trend Micro]
Packed.Win32.PolyCrypt.h [Kaspersky Lab]
PE_SALITY.M [Trend Micro]
TSPY_ONLINEG.CTR [Trend Micro]
W32.Gammima.AG [Symantec]
W32/Sality.ae [McAfee]
Win32.Sality.AK [PC Tools]
Worm:Win32/Taterf.gen!C [Microsoft]

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: systemguard
Filename: systemguard.exe
Command: C:\Program Files\System Guard 2009\systemguard.exe
Startup Type: registry run key
HijackThis Category: O4
Description: main file of System Guard 2009

How to remove: How to remove System Guard 2009 (Delete instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: AntivirusXP
Filename: AntivirusXP.exe
Command: C:\Program Files\AntivirusXP\AntivirusXP.exe
Startup Type:HKCU->Run
HijackThis Category:O4
HijackThis log line: O4 – HKCU\..\Run: [AntivirusXP.exe] C:\Program Files\AntivirusXP\AntivirusXP.exe
Description: component of Antivirus XP Pro rogue antispyware

How to remove: How to remove Antivirus XP Pro

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: takqx
Filename: takqx.exe
Command: c:\windows\system32\takqx.exe
Startup Type: driver
RSIT/Combofix log line: S4 takqx;takqx;c:\windows\system32\takqx.exe [2009-01-15 20480]
Description: unknown trojan

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: jtgk
Filename: jtgk.exe
Command: c:\windows\system32\jtgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jtgk;jtgk;c:\windows\system32\jtgk.exe [2009-01-1 24576]
Description: unknown trojan

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: jlgk
Filename: jlgk.exe
Command: c:\windows\system32\jlgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jlgk;jlgk;c:\windows\system32\jlgk.exe [2009-01-1 24576]
Description: unknown trojan

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: smss
Filename: smss.exe
Command: c:\windows\system32\Performance\smss.exe
RSIT/Combofix log line: R4 NetSharing;NetTcp Port Sharing Service;c:\windows\system32\Performance\smss.exe [2009-01-01 10240]
Startup Type: driver
Description: unknown trojan