Archive for the 'O4' Category
Wednesday, June 3rd, 2009
This is a harmful program.
Name: WinBlueSoft
Filename: WinBlueSoft.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | WinBlueSoft
Command: C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe -min
Description: WinBlueSoft.exe is a main component of WinBlueSoft rogue antispyware program
How to remove: use these WinBlueSoft removal instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, June 2nd, 2009
This is a harmful program.
Name: windef
Filename: windef.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | WinDefender2009
Command: c:\Program Files\WinDefender\windef.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [WinDefender2009] c:\Program Files\WinDefender\windef.exe
Description: windef.exe is a main file of WinDefender2009 (rogue antispyware program)
How to remove: use Malwarebytes Antimalware
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, May 31st, 2009
This is a harmful program.
Name: PrestoTuneUp
Filename: PrestoTuneUp.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Presto TuneUp
Command: C:\Documents and Settings\All Users\Application Data\b1529a0\PrestoTuneUp.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Presto TuneUp] “C:\Documents and Settings\All Users\Application Data\b1529a0\PrestoTuneUp.exe” /s /d
Description: Presto Tuneup is a scareware program that uses false system errors to trick you into buying the software.
How to remove: use Malwarebytes Antimalware
Posted in Malware, O4, Run | No Comments »
Sunday, May 24th, 2009
This is a harmful program.
Name: FastAV
Filename: FastAV.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Fast Antivirus 2009
Command: C:\Documents and Settings\All Users\Application Data\d0aef09\FastAV.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Fast Antivirus 2009] “C:\Documents and Settings\All Users\Application Data\d0aef09\FastAV.exe” /s /d
Description: main file of Fast Antivirus 2009 (rogue antipyware program)
How to remove: use the instructions How to remove Fast Antivirus 2009
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Monday, May 18th, 2009
This is a harmful program.
Name: AV
Filename: AV.EXE
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Secure AntiVirus Pro
Command: C:\WINDOWS\AV.EXE
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [Secure AntiVirus Pro] C:\WINDOWS\AV.EXE
Description: main file of Secure Antivirus Pro (rogue antispyware program)
How to remove: use the Secure Antivirus Pro removal instructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Friday, May 8th, 2009
This is a harmful program.
Name: MCatcher
Filename: MCatcher.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Malware Catcher 2009
Command: C:\Documents and Settings\All Users\Application Data\f5bc4e8\MCatcher.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Malware Catcher 2009] “C:\Documents and Settings\All Users\Application Data\f5bc4e8\MCatcher.exe” /s /d
Description: main file of Malware Catcher 2009 (rogue antispyware program)
How to remove: use Malwarebytes Antimalware
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, May 7th, 2009
This is a harmful program.
Name: pav
Filename: pav.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | PAV
Command: c:\program files\pav\pav.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [PAV] c:\program files\pav\pav.exe
Description: main file of Personal Antivirus (rogue antispyware program)
How to remove: use these instructions How to remove Personal Antivirus
Posted in BHO, O4, Rogue Antispyware/Antivirus | No Comments »
Monday, May 4th, 2009
This is a harmful program.
Name: agent
Filename: agent.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | agent.exe
Command: C:\Program Files\PCenter\agent.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe
Description: component of Privacy Center (rogue privacy program)
How to remove: use the instructions How to remove Privacy Center
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Monday, May 4th, 2009
This is a harmful program.
Name: spywareguard
Filename: spywareguard.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | spywareguard
Command: c:\program files\spyware guard 2009\spywareguard.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [spywareguard] c:\program files\spyware guard 2009\spywareguard.exe
Description: main file of Spyware Guard 2009 (rogue antispyware program)
How to remove: use these instructions How to remove Spyware Guard 2009
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Saturday, May 2nd, 2009
This is a harmful program.
Name: VDoca582
Filename: VDoca582.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Virus Doctor
Command: C:\Documents and Settings\All Users\Application Data\927e\VDoca582.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [Virus Doctor] “C:\Documents and Settings\All Users\Application Data\927e\VDoca582.exe” /s /d
Description: main file of Virus Doctor (rogue antivirus program)
How to remove: use the instructions How to remove Virus Doctor
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
