Archive for January, 2010

« Previous Entries
Next Entries »

What is mshlps.dll, How to remove mshlps.dll

Sunday, January 10th, 2010

mshlps.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: mshlps
Filename: mshlps.dll
Registry key|value:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls | AppSecDll = “C:\Windows\System32\mshlps.dll”
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls | AppSecDll = “C:\Windows\System32\mshlps.dll”

Command: %WinDir%\System32\mshlps.dll
Startup Type: AppCertDlls
Description: trojan also known as Trojan.Win32.Agent.deou [Kaspersky Lab]. Its installed with kbdsock.dll trojan.

How to remove: use Windows Registry editor + Kaspersky virus removal tool

Posted in AppCertDlls, Trojan | No Comments »

What is kbdsock.dll, How to remove kbdsock.dll

Sunday, January 10th, 2010

kbdsock.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: kbdsock
Filename: kbdsock.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLS

Command: C:\WINDOWS\system32\kbdsock.dll
Startup Type: AppInit_DLLs
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: C:\WINDOWS\system32\kbdsock.dll

DDS Line:

AppInit_DLLs: C:\WINDOWS\system32\kbdsock.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=”C:\WINDOWS\system32\kbdsock.dll”

Description: trojan also known as Trojan.Win32.Agent.deot [Kaspersky Lab]

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in O4, Run, Trojan | No Comments »

What is PR19.DLL, How to remove PR19.DLL

Saturday, January 9th, 2010

PR19.DLL is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: PR19
Filename: PR19.DLL
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows |AppInit_DLLS

Command: C:\WINDOWS\system32\PR19.DLL
Startup Type: AppInit_Dlls
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: C:\WINDOWS\system32\PR19.DLL

DDS Line:

AppInit_DLLs: C:\WINDOWS\system32\PR19.DLL

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=”C:\WINDOWS\system32\PR19.DLL”

Description: trojan that installed with adobemedia.exe trojan.

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in AppInit DLLs, O4, Trojan | No Comments »

What is PR15.DLL, How to remove PR15.DLL

Saturday, January 9th, 2010

PR15.DLL is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: PR15
Filename: PR15.DLL
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLS

Command: C:\WINDOWS\system32\PR15.DLL
Startup Type: AppInit Dlls
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: C:\WINDOWS\system32\PR15.DLL

DDS Line:

AppInit_DLLs: C:\WINDOWS\system32\PR15.DLL

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=”C:\WINDOWS\system32\PR15.DLL”

Description: trojan that installed with adobemedia.exe trojan.

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in AppInit DLLs, O20, Trojan | No Comments »

What is adobemedia.exe, How to remove adobemedia.exe

Saturday, January 9th, 2010

adobemedia.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: adobemedia
Filename: adobemedia.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | adobemedia.exe

Command: C:\WINDOWS\system32\adobemedia.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [adobemedia.exe] C:\WINDOWS\system32\adobemedia.exe

DDS Line:

uRun: [adobemedia.exe] C:\WINDOWS\system32\adobemedia.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“adobemedia.exe”=C:\WINDOWS\system32\adobemedia.exe

Description: trojan

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in O4, Run, Trojan | No Comments »

What is apocalyps32.exe, How to remove apocalyps32.exe

Saturday, January 9th, 2010

apocalyps32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: apocalyps32
Filename: apocalyps32.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | apocalyps32

Command: C:\Windows\apocalyps32.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [apocalyps32] C:\Windows\apocalyps32.exe

DDS Line:

mRun: [apocalyps32] C:\Windows\apocalyps32.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“apocalyps32″=C:\Windows\apocalyps32.exe

Description: malware also known as Mal/Behav-328, Mal/Dropper-G, Mal/Behav-053 [Sophos]

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in Malware, O4, Run | No Comments »

What is InSysSecure.exe, How to remove InSysSecure.exe

Saturday, January 9th, 2010

InSysSecure.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: InSysSecure
Filename: InSysSecure.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | InSysSecure

Command: C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [InSysSecure] C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

DDS Line:

mRun: [InSysSecure] C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“InSysSecure”=C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

Description: core component of InSysSecure. InSysSecure is a rogue antispyware program.

How to remove: use these InSysSecure removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SysProtector.exe, How to remove SysProtector.exe

Friday, January 8th, 2010

SysProtector.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SysProtector
Filename: SysProtector.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SysProtector

Command: C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SysProtector] C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

DDS Line:

mRun: [SysProtector] C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SysProtector”=C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

Description: core part of SysProtector. SysProtector is a rogue antispyware program.

How to remove: use these SysProtector removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is helper32.dll, How to remove helper32.dll

Thursday, January 7th, 2010

helper32.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: helper32
Filename: helper32.dll
Command: c:\windows\system32\helper32.dll
Startup Type: LSP
HijackThis Category: O10
HijackThis Line:

O10 – Unknown file in Winsock LSP: c:\windows\system32\helper32.dll

DDS Line:

LSP: c:\windows\system32\helper32.dll

Description: component of trojan FakeAlert

How to remove: use these helper32.dll removal instructions.

Posted in LSP, O10, Trojan | No Comments »

What is winlogon32.exe, How to remove winlogon32.exe

Thursday, January 7th, 2010

winlogon32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: winlogon32
Filename: winlogon32.exe
Registry key|value:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon | Userinit = “C:\WINDOWS\system32\winlogon32.exe”

Command: C:\WINDOWS\system32\winlogon32.exe
Startup Type: WinLogon->UserInit
HijackThis Category: F2
HijackThis Line:

F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe

Description: component of trojan FakeAlert

How to remove: use these winlogon32.exe removal instructions.

Posted in F2, Trojan, Winlogon\UserInit | No Comments »

« Previous Entries
Next Entries »