Archive for March, 2009

« Previous Entries
Next Entries »

svchost.exe is a trojan

Monday, March 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: svchost
Filename: svchost.exe
Command: C:\Program Files\Outlook Express\svchost.exe
Startup Type: Service
HijackThis Category: O23
HijackThis Line:

O23 – Service: Window Net Dns (MyDNS) – Unknown owner – C:\Program Files\Outlook Express\svchost.exe

Description: unknown trojan component

How to remove: Use HijackThis + Use Malwarebytes Antimalware

Posted in O23, Service, Trojan | No Comments »

DisableRegedit=1, result of trojan activity

Monday, March 30th, 2009

This is a signature of trojan activity.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name of trojan activity: DisableRegedit
HijackThis Category: O7
HijackThis Line:

O7 – HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Description: Disabled Regedit tools is a signature of trojan activity

How to remove: Use HijackThis or Use Malwarebytes Antimalware

Posted in O7, Trojan | 3 Comments »

XP-4A87B914.EXE is a trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: XP-4A87B914
Filename: XP-4A87B914.EXE
Command: C:\WINDOWS\system32\XP-4A87B914.EXE
Startup Type: Startup folder
HijackThis Category: O4
HijackThis Line:

O4 – Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-4A87B914.EXE

Description: unknown trojan

How to remove: Use HijackThis

Posted in O4, Startup folder, Trojan | No Comments »

regsvr.exe is a trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: regsvr
Filename: regsvr.exe
Startup Type: system.ini
HijackThis Category: F2
HijackThis Line:

F2 – REG:system.ini: Shell=Explorer.exe regsvr.exe

Description: regsvr.exe is a trojan

How to remove: Use HijackThis + Use Malwarebytes Antimalware

Posted in F2, system.ini, Trojan | No Comments »

uxdeiect.com is malware, autorun.inf trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: uxdeiect
Filename: uxdeiect.com
CLSID: {8e508249-a76f-11dd-8359-001e4cf19625}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e508249-a76f-11dd-8359-001e4cf19625}]
shell\AutoRun\command – uxdeiect.com
shell\explore\command – uxdeiect.com
shell\open\command – uxdeiect.com

Description: malware (autorun.inf trojan)

How to remove: use the instructions How to remove trojans that uses autorun.inf file + manually remove the file.

Posted in autorun.inf, Trojan | No Comments »

printer.exe is a malware, autorun.inf trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: printer
Filename: printer.exe
CLSID: {86d2e059-9871-11dd-94d9-001e4cf19625}
Startup Type: autorun.inf

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d2e059-9871-11dd-94d9-001e4cf19625}]
shell\Auto\command – F:\printer.exe
shell\AutoRun\command – C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\printer.exe

Description: malware (autorun.inf trojan)

How to remove: use the instructions How to remove trojans that uses autorun.inf file + manually remove the file.

Posted in autorun.inf, Trojan | No Comments »

semo2x.exe is a malware, autorun.inf trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: semo2x
Filename: semo2x.exe
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{638d42eb-be6f-11dd-a9f6-001e4cf19625}]
shell\AutoRun\command – semo2x.exe
shell\explore\command – semo2x.exe
shell\open\command – semo2x.exe

Description: malware (autorun.inf trojan)

How to remove: use the instructions How to remove trojans that uses autorun.inf file + manually remove the file

Posted in autorun.inf, Trojan | No Comments »

VAlarm.exe is a malware, main file of Virus Alarm

Thursday, March 26th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: VAlarm
Filename: VAlarm.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Virus Alarm

Command: C:\Documents and Settings\All Users\Application Data\a023\VAlarm.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Virus Alarm] “C:\Documents and Settings\All Users\Application Data\a023\VAlarm.exe” /s

Description: main file of Virus Alarm (rogue antispyware program)

How to remove: Use HijackThis or use the instructions How to remove Virus Alert (Uninstall instructions)

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

spbho.dll is a malware, component of Privacy center

Thursday, March 26th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: spbho
Filename: spbho.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}

Command: C:\Program Files\Privacy center\tools\sp\spbho.dll
CLSID: {D032570A-5F63-4812-A094-87D007C23012}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: (no name) – {D032570A-5F63-4812-A094-87D007C23012} – C:\Program Files\Privacy center\tools\sp\spbho.dll

Description: Internet Explorer BHO module, component of Privacy center

How to remove: Use HijackThis or Use Malwarebytes Antimalware

Posted in BHO, O2, Rogue Antispyware/Antivirus | No Comments »

agent.exe is a component of Privacy center

Thursday, March 26th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: agent
Filename: agent.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | agent.exe

Command: C:\Program Files\Privacy center\agent.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [agent.exe] C:\Program Files\Privacy center\agent.exe

Description: component of Privacy center

How to remove: Use HijackThis or Use Malwarebytes Antimalware

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »