Archive for the 'Run' Category

« Previous Entries
Next Entries »

What is GhostAV.exe, How to remove GhostAV.exe

Wednesday, January 13th, 2010

GhostAV.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: GhostAV
Filename: GhostAV.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Ghost Antivirus

Command: c:\program files\Ghost Antivirus\GhostAV.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Ghost Antivirus] “c:\program files\Ghost Antivirus\GhostAV.exe” /s

DDS Line:

uRun: [Ghost Antivirus] “c:\program files\ghost antivirus\GhostAV.exe” /s

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Ghost Antivirus”=c:\program files\Ghost Antivirus\GhostAV.exe [2010-01-10 1608192]

Description: core component of Ghost Antivirus. Ghost Antivirus is a rogue antispyware program.

How to remove: use these Ghost Antivirus removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SysDefenders.exe, How to remove SysDefenders.exe

Tuesday, January 12th, 2010

SysDefenders.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SysDefenders
Filename: SysDefenders.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SysDefenders

Command: C:\Program Files\SysDefenders Software\SysDefenders\SysDefenders.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SysDefenders] C:\Program Files\SysDefenders Software\SysDefenders\SysDefenders.exe

DDS Line:

mRun: [SysDefenders] C:\Program Files\SysDefenders Software\SysDefenders\SysDefenders.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SysDefenders”=C:\Program Files\SysDefenders Software\SysDefenders\SysDefenders.exe

Description: core part of SysDefenders. SysDefenders is a rogue antispyware program.

How to remove: use these SysDefenders removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is kbdsock.dll, How to remove kbdsock.dll

Sunday, January 10th, 2010

kbdsock.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: kbdsock
Filename: kbdsock.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLS

Command: C:\WINDOWS\system32\kbdsock.dll
Startup Type: AppInit_DLLs
HijackThis Category: O20
HijackThis Line:

O20 – AppInit_DLLs: C:\WINDOWS\system32\kbdsock.dll

DDS Line:

AppInit_DLLs: C:\WINDOWS\system32\kbdsock.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=”C:\WINDOWS\system32\kbdsock.dll”

Description: trojan also known as Trojan.Win32.Agent.deot [Kaspersky Lab]

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in O4, Run, Trojan | No Comments »

What is adobemedia.exe, How to remove adobemedia.exe

Saturday, January 9th, 2010

adobemedia.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: adobemedia
Filename: adobemedia.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | adobemedia.exe

Command: C:\WINDOWS\system32\adobemedia.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [adobemedia.exe] C:\WINDOWS\system32\adobemedia.exe

DDS Line:

uRun: [adobemedia.exe] C:\WINDOWS\system32\adobemedia.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“adobemedia.exe”=C:\WINDOWS\system32\adobemedia.exe

Description: trojan

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in O4, Run, Trojan | No Comments »

What is apocalyps32.exe, How to remove apocalyps32.exe

Saturday, January 9th, 2010

apocalyps32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: apocalyps32
Filename: apocalyps32.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | apocalyps32

Command: C:\Windows\apocalyps32.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [apocalyps32] C:\Windows\apocalyps32.exe

DDS Line:

mRun: [apocalyps32] C:\Windows\apocalyps32.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“apocalyps32″=C:\Windows\apocalyps32.exe

Description: malware also known as Mal/Behav-328, Mal/Dropper-G, Mal/Behav-053 [Sophos]

How to remove: use HijackThis + Kaspersky virus removal tool

Posted in Malware, O4, Run | No Comments »

What is InSysSecure.exe, How to remove InSysSecure.exe

Saturday, January 9th, 2010

InSysSecure.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: InSysSecure
Filename: InSysSecure.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | InSysSecure

Command: C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [InSysSecure] C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

DDS Line:

mRun: [InSysSecure] C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“InSysSecure”=C:\Program Files\InSysSecure Software\InSysSecure\InSysSecure.exe

Description: core component of InSysSecure. InSysSecure is a rogue antispyware program.

How to remove: use these InSysSecure removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is SysProtector.exe, How to remove SysProtector.exe

Friday, January 8th, 2010

SysProtector.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SysProtector
Filename: SysProtector.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SysProtector

Command: C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SysProtector] C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

DDS Line:

mRun: [SysProtector] C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SysProtector”=C:\Program Files\SysProtector Software\SysProtector\SysProtector.exe -min

Description: core part of SysProtector. SysProtector is a rogue antispyware program.

How to remove: use these SysProtector removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is smss32.exe, How to remove smss32.exe

Thursday, January 7th, 2010

smss32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: smss32
Filename: smss32.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | smss32.exe

Command: c:\windows\system32\smss32.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe

DDS Line:

mRun: [smss32.exe] c:\windows\system32\smss32.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“smss32.exe”=c:\windows\system32\smss32.exe

Description: component of trojan FakeAlert.

How to remove: use these smss32.exe removal instructions.

Posted in O4, Run, Trojan | No Comments »

What is APcDefender.exe, How to remove APcDefender.exe

Thursday, January 7th, 2010

APcDefender.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: APcDefender
Filename: APcDefender.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | APcDefender

Command: C:\Program Files\APcDefender Software\APcDefender\APcDefender.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [APcDefender] C:\Program Files\APcDefender Software\APcDefender\APcDefender.exe -min

DDS Line:

mRun: [APcDefender] C:\Program Files\APcDefender Software\APcDefender\APcDefender.exe -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“APcDefender”=C:\Program Files\APcDefender Software\APcDefender\APcDefender.exe -min

Description: core part of APcDefender. APcDefender is a rogue antispyware program.

How to remove: use these APcDefender removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

What is PCprotectar.exe, How to remove PCprotectar .exe

Wednesday, January 6th, 2010

PCprotectar.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: PCprotectar
Filename: PCprotectar.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | PCprotectar.exe

Command: C:\Program Files\PCprotectar Software\PCprotectar\PCprotectar.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [PCprotectar.exe] C:\Program Files\PCprotectar Software\PCprotectar\PCprotectar.exe

DDS Line:

uRun: [PCprotectar.exe] C:\Program Files\PCprotectar Software\PCprotectar\PCprotectar.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“PCprotectar.exe”=C:\Program Files\PCprotectar Software\PCprotectar\PCprotectar.exe

Description: core part of PCprotectar. PCprotectar is a rogue antispyware program.

How to remove: use these PCprotectar removal instructions.

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »