Archive for the 'Threats' Category
Tuesday, March 10th, 2009
This is a harmful program.
Name: malwaredef
Filename: malwaredef.exe
Command: %programfiles%\Malware Defender 2009\malwaredef.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [malwaredef] C:\Program Files\Malware Defender 2009\malwaredef.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"malwaredef"="C:\Program Files\Malware Defender 2009\malwaredef.exe"
Description: main component of Malware Defender 2009
How to remove: use the instructions How to remove Malware Defender 2009 (Uninstall instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run
Friday, March 6th, 2009
This is a harmful program.
Name: proas2009
Filename: proas2009.exe
Command: C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [Pro Antispyware 2009] "C:\Documents and Settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\proas2009.exe" /autorun
Description: main file of Pro Antispyware 2009
Notes: Pro Antispyware 2009 is a rogue antispyware program
How to remove: use the instructions How to remove Pro Antispyware 2009 (Antispyware Pro 2009) Delete instructions
Posted in O4, Rogue Antispyware/Antivirus, Run
Friday, March 6th, 2009
This is a harmful program.
Name: AntiSpyware Pro
Filename: AntiSpyware Pro.exe
Command: C:\Program Files\AntiSpyware Pro\AntiSpyware Pro.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [AntiSpyware Pro] "C:\Program Files\AntiSpyware Pro\AntiSpyware Pro.exe" hide
Description: main file of Antispyware Pro 2009
Notes: Antispyware Pro 2009 is a rogue antispyware
How to remove: use the instructions How to remove Pro Antispyware 2009 (Antispyware Pro 2009) Delete instructions
Posted in O4, Rogue Antispyware/Antivirus, Run
Friday, March 6th, 2009
This is a harmful program.
Name: wdmaud
Filename: wdmaud.sys
Registry key:
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"="wdmaud.sys"
Command: C:\Windows\system32\wdmaud.sys
Startup Type: Sound drivers
Description: C:\Windows\system32\wdmaud.sys is a trojan/Google redirect also known as Rootkit.Win32.Agent.fwt. The legitimate wdmaud.sys actually exists at C:\Windows\system32\drivers\
How to remove: use the instructions How to remove Google searches redirect virus 7.7.7.0 (remove Rootkit.Win32.Agent.fwt)
Posted in Sound drivers, Trojan
Friday, March 6th, 2009
This is a harmful program.
Name: winconfig
Filename: winconfig.dll
Command: C:\Windows\System32\winconfig.dll
CLSID: {D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:
O2 - BHO: (no name) - {D263FA6D-84CC-48A8-9AF6-C664362B7A5B} - C:\Windows\System32\winconfig.dll
Description: trojan fake-alert, component of Antivirus 360
How to remove: use the instructions How to remove Antivirus 360
Posted in BHO, O2, Rogue Antispyware/Antivirus, Trojan
Sunday, March 1st, 2009
This is a harmful program.
Name: winscenter
Filename: winscenter.exe
Command: %windir%\System32\winscenter.exe
Description: Trojan FakeAlert
How to remove: Use Malwarebytes Antimalware
Posted in Trojan
Sunday, March 1st, 2009
This is a harmful program.
Name: SysLoader
Filename: SysLoader.exe
Command: %programfiles%\SysLoader.exe
Description: trojan FakeAlert
How to remove: Use Malwarebytes Antimalware
Posted in Trojan
Sunday, March 1st, 2009
This is a harmful program.
Name: rkgnd
Filename: rkgnd.exe
Command: C:\Program Files\Common Files\System\mgnc\rkgnd.exe
Startup Type: HKLM->RunOnce
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\RunOnce: [39173992539183281] C:\Program Files\Common Files\System\mgnc\rkgnd.exe
Description: component of ANG AntiVirus 09
How to remove: use these instructions How to remove ANG AntiVirus 09 or use HijackThis
Posted in O4, Rogue Antispyware/Antivirus, RunOnce
Sunday, March 1st, 2009
This is a harmful program.
Name: angpd
Filename: angpd.exe
Command: C:\Program Files\Common Files\System\mgnc\angpd.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [62964419826679261] C:\Program Files\Common Files\System\mgnc\angpd.exe
Description: component of ANG AntiVirus 09
How to remove: use the instructions How to remove ANG AntiVirus 09 (Delete instructions) or use HijackThis.
Posted in O4, Rogue Antispyware/Antivirus, Run
Sunday, March 1st, 2009
This is a harmful program.
Name: WiniGuard
Filename: WiniGuard.exe
Command: c:\program files\winiguard software\winiguard\WiniGuard.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [WiniGuard] "c:\program files\winiguard software\winiguard\WiniGuard.exe" -min
Description: main component of WiniGuard (rogue antispyware)
How to remove: use these instructions How to remove WiniGuard (Delete instructions)
Posted in O4, Rogue Antispyware/Antivirus, Run