Archive for the 'autorun.inf' Category

semo2x.exe is a malware, autorun.inf trojan

Monday, March 30th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: semo2x
Filename: semo2x.exe
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{638d42eb-be6f-11dd-a9f6-001e4cf19625}]
shell\AutoRun\command – semo2x.exe
shell\explore\command – semo2x.exe
shell\open\command – semo2x.exe

Description: malware (autorun.inf trojan)

How to remove: use the instructions How to remove trojans that uses autorun.inf file + manually remove the file

m9ma.exe is Trojan/Win32.Inject.ldi (W32/Backdoor2)

Saturday, February 28th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: m9ma
Filename: m9ma.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2e1c83a-e730-11dd-80d2-001731eea33c}

CLSID: {f2e1c83a-e730-11dd-80d2-001731eea33c}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2e1c83a-e730-11dd-80d2-001731eea33c}]
shell\AutoRun\command – m9ma.exe
shell\explore\command – m9ma.exe
shell\open\command – m9ma.exe

Description: Trojan/Win32.Inject.ldi (W32/Backdoor2)

How to remove: How to remove trojans that uses autorun.inf file

nfdmg.com is Trojan.Win32.VB (virus)

Saturday, February 28th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: nfdmg
Filename: nfdmg.com
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0b9b731-e792-11dd-80d3-001731eea33c}

CLSID: {a0b9b731-e792-11dd-80d3-001731eea33c}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0b9b731-e792-11dd-80d3-001731eea33c}]
shell\AutoRun\command – nfdmg.com
shell\explore\command – nfdmg.com
shell\open\command – nfdmg.com

Description: Trojan.Win32.VB (virus)

How to remove: How to remove nfdmg.com – trojan that uses autorun.inf file

lkxcqdb.bat is a component of autorun.inf virus

Sunday, February 15th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: lkxcqdb
Filename: lkxcqdb.bat
Command: E:\lkxcqdb.bat
CLSID: {df709192-1538-11dd-bc9a-0011675aabad}
Startup Type: autorun.inf

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df709192-1538-11dd-bc9a-0011675aabad}]
shell\AutoRun\command – E:\lkxcqdb.bat
shell\explore\command – E:\lkxcqdb.bat
shell\open\command – E:\lkxcqdb.bat

Description: component of autorun.inf virus

How to remove: How to remove lkxcqdb.bat – trojan that uses autorun.inf file

gy.cmd is a component of autorun.inf virus

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: gy
Filename: gy.cmd
CLSID: {b75b8d74-94b1-11dc-bb7c-00c09fcd8ea0}
Startup Type: autorun.inf

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b75b8d74-94b1-11dc-bb7c-00c09fcd8ea0}]
shell\AutoRun\command – gy.cmd
shell\explore\command – gy.cmd
shell\open\command – gy.cmd

Description: component of autorun.inf virus

How to remove: How to remove gy.cmd – trojan that uses autorun.inf file

itsduel.exe is a component of autorun.inf virus

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: itsduel
Filename: itsduel.exe
Command: E:\itsduel.exe
CLSID: {98ffd239-a6ee-11dd-bd91-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffd239-a6ee-11dd-bd91-00c09fcd8ea0}]
shell\AutoRun\command – E:\itsduel.exe
shell\explore\command – E:\itsduel.exe
shell\open\command – E:\itsduel.exe

Description: component of autorun.inf virus

How to remove: How to remove itsduel.exe – trojan that uses autorun.inf file

6l6w8.com is a component of autorun.inf trojan

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: 6l6w8
Filename: 6l6w8.com
Command: F:\6l6w8.com
CLSID: {95aa2c26-00d9-11dd-bc71-0011675aabad}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95aa2c26-00d9-11dd-bc71-0011675aabad}]
shell\AutoRun\command – F:\6l6w8.com
shell\explore\command – F:\6l6w8.com
shell\open\command – F:\6l6w8.com

Description: component of autorun.inf trojan

How to remove: How to remove 6l6w8.com – trojan that uses autorun.inf file

nlblkhq.com is a component of autorun.inf trojan

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: nlblkhq
Filename: nlblkhq.com
Command: E:\nlblkhq.com
CLSID: {8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}]
shell\AutoRun\command – E:\nlblkhq.com
shell\explore\command – E:\nlblkhq.com
shell\open\command – E:\nlblkhq.com

Description: component of autorun.inf trojan

How to remove: How to remove nlblkhq.com – trojan that uses autorun.inf file

RavMon.exe is a component of autorun.inf trojan

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: RavMon
Filename: RavMon.exe
CLSID: {6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}]
shell\AutoRun\command – RavMon.exe

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

xn1i9x.com is a component of autorun.inf trojan

Saturday, February 14th, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: xn1i9x
Filename: xn1i9x.com
Command: E:\xn1i9x.com
CLSID: {553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}]
shell\AutoRun\command – E:\xn1i9x.com
shell\explore\command – E:\xn1i9x.com
shell\open\command – E:\xn1i9x.com

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file