Archive for January, 2009

« Previous Entries
Next Entries »

AntivirusXP.exe

Monday, January 19th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: AntivirusXP
Filename: AntivirusXP.exe
Command: C:\Program Files\AntivirusXP\AntivirusXP.exe
Startup Type:HKCU->Run
HijackThis Category:O4
HijackThis log line: O4 – HKCU\..\Run: [AntivirusXP.exe] C:\Program Files\AntivirusXP\AntivirusXP.exe
Description: component of Antivirus XP Pro rogue antispyware

How to remove: How to remove Antivirus XP Pro

Posted in O4, Run | No Comments »

takqx.exe

Monday, January 19th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: takqx
Filename: takqx.exe
Command: c:\windows\system32\takqx.exe
Startup Type: driver
RSIT/Combofix log line: S4 takqx;takqx;c:\windows\system32\takqx.exe [2009-01-15 20480]
Description: unknown trojan

Posted in Driver, Trojan | No Comments »

jtgk.exe

Monday, January 19th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: jtgk
Filename: jtgk.exe
Command: c:\windows\system32\jtgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jtgk;jtgk;c:\windows\system32\jtgk.exe [2009-01-1 24576]
Description: unknown trojan

Posted in Driver, Trojan | No Comments »

jlgk.exe

Monday, January 19th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: jlgk
Filename: jlgk.exe
Command: c:\windows\system32\jlgk.exe
Startup Type: driver
RSIT/Combofix log line: S4 jlgk;jlgk;c:\windows\system32\jlgk.exe [2009-01-1 24576]
Description: unknown trojan

Posted in Driver, Trojan | No Comments »

smss.exe

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: smss
Filename: smss.exe
Command: c:\windows\system32\Performance\smss.exe
RSIT/Combofix log line: R4 NetSharing;NetTcp Port Sharing Service;c:\windows\system32\Performance\smss.exe [2009-01-01 10240]
Startup Type: driver
Description: unknown trojan

Posted in Trojan | No Comments »

tcpsr.sys

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: tcpsr
Filename: tcpsr.sys
Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpsr
Command: C:\WINDOWS\System32\drivers\tcpsr.sys
Startup Type: services
RSIT/Combofix log line: S3 tcpsr;tcpsr; \??\C:\WINDOWS\System32\drivers\tcpsr.sys []
Description: Rootkit.MailGrab also known as TROJ_PANDEX.CHL, looks here

How to remove: Use SDFix free trojan remover tool

Posted in Rootkit | No Comments »

sic32.exe

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: sic32
Filename: sic32.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce5b3fc5-8964-11dc-8106-d519e4d51f80}\shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce5b3fc5-8964-11dc-8106-d519e4d51f80}\shell\open\command

Command: F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sic32.exe
CLSID {ce5b3fc5-8964-11dc-8106-d519e4d51f80}
Startup Type: autorun.inf
Description: autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

oufddh.exe

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: oufddh
Filename: oufddh.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\explore\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}\shell\open\command

Command: F:\oufddh.exe
CLSID {bf9cdffb-887f-11dd-83c9-b13a56a6fdb8}
Startup Type: autorun.inf
Description: autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

MicrSoft.exe

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: MicrSoft
Filename: MicrSoft.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}shell\AutoRun\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}\shell\Explore\command HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b12973a-ba55-11dd-8480-00e04c5add14}\shell\Open\command

Command: c:\MicrSoft.exe
CLSID {9b12973a-ba55-11dd-8480-00e04c5add14}
Startup Type: autorun.inf
Description: autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

ise.exe

Sunday, January 18th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: ise
Filename: ise.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a8a5363-802a-11dd-83b5-b358442cdd6a}\shell\AutoRun\command
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a8a5363-802a-11dd-83b5-b358442cdd6a}\shell\open\command

Description: autorun.inf trojan component
Startup Type: autorun.inf
Command: c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
CLSID: {9a8a5363-802a-11dd-83b5-b358442cdd6a}

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

« Previous Entries
Next Entries »