HT Logs. Tips, FAQs, Analyze.

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: higudivo
Filename: higudivo.dll
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | wawusavasi

Command: C:\WINDOWS\System32\higudivo.dll
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [wawusavasi] Rundll32.exe “C:\WINDOWS\System32\higudivo.dll”,s
O4 – HKUS\S-1-5-19\..\Run: [wawusavasi] Rundll32.exe “C:\WINDOWS\System32\higudivo.dll”,s (User ‘LOCAL SERVICE’)
O4 – HKUS\S-1-5-20\..\Run: [wawusavasi] Rundll32.exe “C:\WINDOWS\System32\higudivo.dll”,s (User ‘NETWORK SERVICE’)

Description: component of trojan Vundo

How to remove: Use HijackThis + Use Malwarebytes Antimalware

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: zenonabi
Filename: zenonabi.dll
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | f89de5dc

Command: C:\WINDOWS\System32\zenonabi.dll
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [f89de5dc] rundll32.exe “C:\WINDOWS\System32\zenonabi.dll”,b

Description: trojan Vundo component

How to remove: Use HijackThis + Use Malwarebytes Antimalware

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: XP-4A87B914
Filename: XP-4A87B914.EXE
Command: C:\WINDOWS\system32\XP-4A87B914.EXE
Startup Type: Startup folder
HijackThis Category: O4
HijackThis Line:

O4 – Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-4A87B914.EXE

Description: unknown trojan

How to remove: Use HijackThis

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: VAlarm
Filename: VAlarm.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Virus Alarm

Command: C:\Documents and Settings\All Users\Application Data\a023\VAlarm.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Virus Alarm] “C:\Documents and Settings\All Users\Application Data\a023\VAlarm.exe” /s

Description: main file of Virus Alarm (rogue antispyware program)

How to remove: Use HijackThis or use the instructions How to remove Virus Alert (Uninstall instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: agent
Filename: agent.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | agent.exe

Command: C:\Program Files\Privacy center\agent.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [agent.exe] C:\Program Files\Privacy center\agent.exe

Description: component of Privacy center

How to remove: Use HijackThis or Use Malwarebytes Antimalware

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: pcdefender
Filename: pcdefender.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | sysav

Command: %UserProfile%\Application Data\pcdefender.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [sysav] %UserProfile%\Application Data\pcdefender.exe

Description: main component of WinPC Defender

How to remove: use the instructions How to remove WinPC Defender

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: iv
Filename: iv.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | iv

Command: C:\Documents and Settings\lab\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Policies\Explorer\Run: [iv] “C:\Documents and Settings\lab\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe”

Description: trojan, component of Personal Antivirus

How to remove: use the instructions How to remove Personal Antivirus (Uninstall instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: winlogon
Filename: winlogon.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Microsoft Windows logon process

Command: C:\Documents and Settings\lab\Application Data\Microsoft\Windows\winlogon.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Microsoft Windows logon process] C:\Documents and Settings\lab\Application Data\Microsoft\Windows\winlogon.exe

Description: trojan, component of Personal Antivirus

How to remove: use the instructions How to remove Personal Antivirus (Uninstall instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: PerAvir
Filename: PerAvir.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Personal Antivirus

Command: C:\Program Files\Personal Antivirus\PerAvir.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Personal Antivirus] “C:\Program Files\Personal Antivirus\PerAvir.exe” /s

Description: main component of Personal Antivirus (rogue antivirus/antispyware program)

How to remove: use the instructions How to remove Personal Antivirus (Uninstall instructions)

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: wmptray
Filename: wmptray.exe

Command: C:\Program Files\MediaSystem\wmptray.exe
Startup Type: HKLM->run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [WmpTray] C:\Program Files\MediaSystem\wmptray.exe

Description: component of WinCodecPro trojan

How to remove: use the instructions How to remove WinCodecPro trojan and wmptray.exe (fake media codec)