Archive for the 'O4' Category

« Previous Entries
Next Entries »

What is sr882388.exe, How to remove sr882388.exe

Tuesday, January 5th, 2010

sr882388.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: sr882388
Filename: sr882388.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | ttool

Command: C:\Windows\sr882388.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [ttool] C:\Windows\sr882388.exe

DDS Line:

uRun: [ttool] C:\Windows\sr882388.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ttool”=C:\Windows\sr882388.exe

Description: trojan agent

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in O4, Run, Trojan | No Comments »

What is PcsProtector.exe, How to remove PcsProtector.exe

Monday, January 4th, 2010

PcsProtector.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: PcsProtector
Filename: PcsProtector.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PcsProtector

Command: C:\Program Files\PcsProtector Software\PcsProtector\PcsProtector.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [PcsProtector] C:\Program Files\PcsProtector Software\PcsProtector\PcsProtector.exe -min

DDS Line:

mRun: [PcsProtector] C:\Program Files\PcsProtector Software\PcsProtector\PcsProtector.exe -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“PcsProtector”=C:\Program Files\PcsProtector Software\PcsProtector\PcsProtector.exe -min

Description: core component of PcsProtector. PcsProtector is a rogue antispyware program.

How to remove: use these PcsProtector removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is settdebugx.exe, How to remove settdebugx.exe

Wednesday, December 30th, 2009

settdebugx.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: settdebugx
Filename: settdebugx.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | settdebugx.exe

Command: %Temp%\settdebugx.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [settdebugx.exe] C:\DOCUME~1\user\LOCALS~1\Temp\settdebugx.exe

DDS Line:

uRun: [settdebugx.exe] C:\DOCUME~1\user\LOCALS~1\Temp\settdebugx.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“settdebugx.exe”=C:\DOCUME~1\user\LOCALS~1\Temp\settdebugx.exe

Description: variant of trojan FakeAlert

How to remove: use these settdebugx.exe removal instructions.

Posted in O4, Run, Trojan | No Comments »

What is avpc2009.exe, How to remove avpc2009.exe

Wednesday, December 30th, 2009

avpc2009.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: avpc2009.exe
Filename: avpc2009.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Antivirus PC 2009
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Antivirus PC 2009

Command: C:\Program Files\Antivirus PC 2009\avpc2009.exe
Startup Type: HKLM->Run, HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Antivirus PC 2009] cmd /C cd “C:\Program Files\Antivirus PC 2009” && start avpc2009.exe
O4 – HKCU\..\Run: [Antivirus PC 2009] cmd /C cd “C:\Program Files\Antivirus PC 2009” && start avpc2009.exe

DDS Line:

mRun: [Antivirus PC 2009] cmd /C cd C:\Program Files\Antivirus PC 2009 && start avpc2009.exe
uRun: [Antivirus PC 2009] cmd /C cd C:\Program Files\Antivirus PC 2009 && start avpc2009.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Antivirus PC 2009″=cmd /C cd C:\Program Files\Antivirus PC 2009 && start avpc2009.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Antivirus PC 2009″=cmd /C cd C:\Program Files\Antivirus PC 2009 && start avpc2009.exe

Description: core part of Antivirus PC 2009. Antivirus PC 2009 is a rogue antispyware program.

How to remove: use these Antivirus PC 2009 removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is GreatDefender.exe, How to remove GreatDefender.exe

Tuesday, December 29th, 2009

GreatDefender.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: GreatDefender
Filename: GreatDefender.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | GreatDefender.exe

Command: C:\Program Files\GreatDefender Software\GreatDefender\GreatDefender.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [GreatDefender.exe] C:\Program Files\GreatDefender Software\GreatDefender\GreatDefender.exe

DDS Line:

uRun: [GreatDefender.exe] C:\Program Files\GreatDefender Software\GreatDefender\GreatDefender.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“GreatDefender.exe”=C:\Program Files\GreatDefender Software\GreatDefender\GreatDefender.exe

Description: core component of GreatDefender. GreatDefender is a rogue antispyware program.

How to remove: use these GreatDefender removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is sysclpro.exe, How to remove sysclpro.exe

Tuesday, December 29th, 2009

sysclpro.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: sysclpro
Filename: sysclpro.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SystemCleanerPRO

Command: C:\Program Files\SystemCleanerPRO\sysclpro.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SystemCleanerPRO] “C:\Program Files\SystemCleanerPRO\sysclpro.exe” /autorun

DDS Line:

uRun: [SystemCleanerPRO] C:\Program Files\SystemCleanerPRO\sysclpro.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemCleanerPRO”=C:\Program Files\SystemCleanerPRO\sysclpro.exe [2009-04-01 931840]

Description: core component of SystemCleanerPRO. SystemCleanerPRO is a rogue antispyware program.

How to remove: use these SystemCleanerPRO removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is restore.exe, How to remove restore.exe

Tuesday, December 29th, 2009

restore.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: restore
Filename: restore.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Restore

Command: C:\Documents and Settings\All Users\Application Data\F\restore.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Restore] C:\Documents and Settings\All Users\Application Data\F\restore.exe

DDS Line:

uRun: [Restore] C:\Documents and Settings\All Users\Application Data\F\restore.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Restore”=C:\Documents and Settings\All Users\Application Data\F\restore.exe [2009-12-29 22528]

Description: core components of Antispyware Shield Pro. Antispyware Shield Pro is a rogue antispyware program.

How to remove: use these Antispyware Shield Pro removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is Total PC Defender.exe, How to remove Total PC Defender.exe

Sunday, December 27th, 2009

Total PC Defender.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: Total PC Defender
Filename: Total PC Defender.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Total PC Defender

Command: C:\Program Files\Total PC Defender\Total PC Defender.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Total PC Defender] C:\Program Files\Total PC Defender\Total PC Defender.exe

DDS Line:

mRun: [Total PC Defender] C:\Program Files\Total PC Defender\Total PC Defender.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Total PC Defender”=C:\Program Files\Total PC Defender\Total PC Defender.exe [2009-12-27 1247744]

Description: core component of Total PC Defender. Total PC Defender is a rogue antispyware program.

How to remove: use these Total PC Defender removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is pp14.exe, How to remove pp14.exe

Saturday, December 26th, 2009

pp14.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: pp14
Filename: pp14.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | pp

Command: C:\Windows\pp14.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [pp] C:\Windows\pp14.exe

DDS Line:

mRun: [pp] C:\Windows\pp14.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“pp”=C:\Windows\pp14.exe

Description: component of Koobface worm

How to remove: use these Koobface removal instructions.

Posted in O4, Run, Worm | No Comments »

What is APCProtect.exe, How to remove APCProtect.exe

Thursday, December 24th, 2009

APCProtect.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: APCProtect
Filename: APCProtect.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | APCProtect.exe

Command: C:\Program Files\APCProtect Software\APCProtect\APCProtect.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [APCProtect.exe] C:\Program Files\APCProtect Software\APCProtect\APCProtect.exe

DDS Line:

uRun: [APCProtect.exe] C:\Program Files\APCProtect Software\APCProtect\APCProtect.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“APCProtect.exe”=C:\Program Files\APCProtect Software\APCProtect\APCProtect.exe [2009-12-25 1798144]

Description: core component of APCProtect. APCProtect is a rogue antispyware program.

How to remove: use these APCProtect removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »