Archive for the 'O20' Category

Next Entries »

WinCtrl32.dll is a trojan downloader

Sunday, May 31st, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: WinCtrl32
Filename: WinCtrl32.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32

Startup Type: Winlogon->Notify
Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32]
WinCtrl32.dll

Description: trojan downloader

How to remove: manually or use Malwarebytes Anti-malware

Posted in O20, Trojan, Winlogon\Notify | No Comments »

tazeyubo.dll is a trojan Vundo

Tuesday, April 28th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: tazeyubo
Filename: tazeyubo.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLS

Command: C:\WINDOWS\system32\tazeyubo.dll
Startup Type: AppInit DLLs
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: C:\WINDOWS\system32\tazeyubo.dll

Description: trojan Vundo component

How to remove: use the instructions How to remove Trojan Vundo

Posted in AppInit DLLs, O20, Trojan | No Comments »

vitamine.dll is a trojan

Monday, March 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: vitamine
Filename: vitamine.dll
Command: c:\windows\system32\vitamine.dll
CLSID: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
Startup Type: HKLM->Run, AppInit DLL, SSODL, SharedTaskScheduler
HijackThis Category: O4, O20, O21, O22
HijackThis Line:

O4 – HKLM\..\Run: [CPMfbaed640] Rundll32.exe “c:\windows\system32\vitamine.dll”,a
O20 – AppInit_DLLs: c:\windows\system32\vitamine.dll
O21 – SSODL: SSODL – {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} – c:\windows\system32\vitamine.dll
O22 – SharedTaskScheduler: STS – {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} – c:\windows\system32\vitamine.dll

Description: trojan (Vundo)

How to remove: Use HijackThis + Use Malwarebytes Antimalware

Posted in AppInit DLLs, O20, O21, O22, O4, Run, SharedTaskScheduler, ShellServiceObjectDelayLoad, Trojan | No Comments »

wcpfvd.dll is trojan

Saturday, February 28th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: wcpfvd
Filename: wcpfvd.dll
Startup Type: AppInit DLLs
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: wcpfvd.dll

Description: component of a trojan

How to remove: Use HijackThis

Posted in AppInit DLLs, O20, Trojan | No Comments »

Next Entries »