HT Logs. Tips, FAQs, Analyze.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: nlblkhq
Filename: nlblkhq.com
Command: E:\nlblkhq.com
CLSID: {8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}]
shell\AutoRun\command – E:\nlblkhq.com
shell\explore\command – E:\nlblkhq.com
shell\open\command – E:\nlblkhq.com

Description: component of autorun.inf trojan

How to remove: How to remove nlblkhq.com – trojan that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: RavMon
Filename: RavMon.exe
CLSID: {6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}]
shell\AutoRun\command – RavMon.exe

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: xn1i9x
Filename: xn1i9x.com
Command: E:\xn1i9x.com
CLSID: {553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}]
shell\AutoRun\command – E:\xn1i9x.com
shell\explore\command – E:\xn1i9x.com
shell\open\command – E:\xn1i9x.com

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: adp
Filename: adp.exe
Command: E:\adp.exe
CLSID: {0ba21128-2e71-11dc-b73f-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ba21128-2e71-11dc-b73f-00c09fcd8ea0}]
shell\Auto\command – E:\adp.exe
shell\AutoRun\command – C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: wcs
Filename: wcs.exe
Command: %programfiles%\Applications\wcs.exe
Startup Type: HKLM->Policies\Explorer\Run:
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe

Description: variant of the Adware/Netproject malware

How to remove: Use HijackThis.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: algg
Filename: algg.exe
Registry key: key
Command: %windir%\system32\algg.exe
Startup Type: HKCU->run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe

Description: trojan downloader

How to remove: Use HijackThis.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: VirusRL2009
Filename: VirusRL2009.exe
Command: %programfiles%\VirusRL2009\VirusRL2009.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [VirusRL2009] “C:\Program Files\VirusRL2009\VirusRL2009.exe”

Description: Virus Response Lab 2009 rogue antivirus component

How to remove: How to remove VirusResponseLab

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TDSStkdv
Filename: TDSStkdv.log
Command: c:\windows\system32\TDSStkdv.log
Description: Trojan TDSSserv component

How to remove: How to remove trojan TDSSserv (TDSSserv.sys), clbdriver.sys and seneka.sys

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TDSSosvn
Filename: TDSSosvn.dat
Command: c:\windows\system32\TDSSosvn.dat
Description: Trojan TDSSserv component

How to remove: How to remove trojan TDSSserv (TDSSserv.sys), clbdriver.sys and seneka.sys

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: lrpfwl
Filename: lrpfwl.dll
Command: %appdata%\Google\lrpfwl.dll
Description: trojan fakealert component
Notes: The trojan uses fake Security Center Alert to trick you into purchasing rogue antispyware

How to remove: How to remove Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G (Fake Security Center Alert)