Archive for February, 2009
Sunday, February 15th, 2009
This is an harmful program.
Name: eneticab
Filename: eneticab.dll
Command: %windir%\eneticab.dll
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [Hqefudivosogike] rundll32.exe “C:\WINDOWS\eneticab.dll”,e
Description: component of trojan Vundo
How to remove: How to remove Trojan Vundo
Posted in O4, Run, Trojan | No Comments »
Sunday, February 15th, 2009
This is an harmful program.
Name: Uguguyirog
Filename: Uguguyirog.dll
Command: %windir%\Uguguyirog.dll”
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [Bvaduyokuyepe] rundll32.exe “C:\WINDOWS\Uguguyirog.dll”,e
Description: component of trojan Vundo
How to remove: How to remove Trojan Vundo
Posted in O4, Run, Trojan | No Comments »
Sunday, February 15th, 2009
This is an harmful program.
Name: prunnet
Filename: prunnet.exe
Command: %windir%\system32\prunnet.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [prunnet] “C:\WINDOWS\system32\prunnet.exe”
Description: trojan downloader
How to remove: Use Malwarebytes Antimalware
Posted in O4, Run, Trojan | No Comments »
Sunday, February 15th, 2009
This is an harmful program.
Name: lkxcqdb
Filename: lkxcqdb.bat
Command: E:\lkxcqdb.bat
CLSID: {df709192-1538-11dd-bc9a-0011675aabad}
Startup Type: autorun.inf
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df709192-1538-11dd-bc9a-0011675aabad}]
shell\AutoRun\command – E:\lkxcqdb.bat
shell\explore\command – E:\lkxcqdb.bat
shell\open\command – E:\lkxcqdb.bat
Description: component of autorun.inf virus
How to remove: How to remove lkxcqdb.bat – trojan that uses autorun.inf file
Posted in autorun.inf, Virus | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: gy
Filename: gy.cmd
CLSID: {b75b8d74-94b1-11dc-bb7c-00c09fcd8ea0}
Startup Type: autorun.inf
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b75b8d74-94b1-11dc-bb7c-00c09fcd8ea0}]
shell\AutoRun\command – gy.cmd
shell\explore\command – gy.cmd
shell\open\command – gy.cmd
Description: component of autorun.inf virus
How to remove: How to remove gy.cmd – trojan that uses autorun.inf file
Posted in autorun.inf, Virus | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: itsduel
Filename: itsduel.exe
Command: E:\itsduel.exe
CLSID: {98ffd239-a6ee-11dd-bd91-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffd239-a6ee-11dd-bd91-00c09fcd8ea0}]
shell\AutoRun\command – E:\itsduel.exe
shell\explore\command – E:\itsduel.exe
shell\open\command – E:\itsduel.exe
Description: component of autorun.inf virus
How to remove: How to remove itsduel.exe – trojan that uses autorun.inf file
Posted in autorun.inf, Virus | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: 6l6w8
Filename: 6l6w8.com
Command: F:\6l6w8.com
CLSID: {95aa2c26-00d9-11dd-bc71-0011675aabad}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95aa2c26-00d9-11dd-bc71-0011675aabad}]
shell\AutoRun\command – F:\6l6w8.com
shell\explore\command – F:\6l6w8.com
shell\open\command – F:\6l6w8.com
Description: component of autorun.inf trojan
How to remove: How to remove 6l6w8.com – trojan that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: nlblkhq
Filename: nlblkhq.com
Command: E:\nlblkhq.com
CLSID: {8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}]
shell\AutoRun\command – E:\nlblkhq.com
shell\explore\command – E:\nlblkhq.com
shell\open\command – E:\nlblkhq.com
Description: component of autorun.inf trojan
How to remove: How to remove nlblkhq.com – trojan that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: RavMon
Filename: RavMon.exe
CLSID: {6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}]
shell\AutoRun\command – RavMon.exe
Description: component of autorun.inf trojan
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
Saturday, February 14th, 2009
This is an harmful program.
Name: xn1i9x
Filename: xn1i9x.com
Command: E:\xn1i9x.com
CLSID: {553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}]
shell\AutoRun\command – E:\xn1i9x.com
shell\explore\command – E:\xn1i9x.com
shell\open\command – E:\xn1i9x.com
Description: component of autorun.inf trojan
How to remove: How to remove trojans that uses autorun.inf file
Posted in autorun.inf, Trojan | No Comments »
