Archive for the 'Threats' Category

« Previous Entries
Next Entries »

Setup.pif

Sunday, February 1st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: Setup
Filename: Setup.pif
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{acd4847d-9849-11dc-b2f6-9d22d1eb4b51}

Command: C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.pif
CLSID: acd4847d-9849-11dc-b2f6-9d22d1eb4b51
Startup Type: autorun.inf
Description: autorun.inf trojan component, Troj/DownLd-AAP Trojan [sophos]

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

cmcfg3n.dll

Sunday, February 1st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: cmcfg3n
Filename: cmcfg3n.dll
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91754c08-fbce-11dc-b351-00c09fa32033}

Command: rundll32.exe .\\cmcfg3n.dll,InstallM
CLSID: 91754c08-fbce-11dc-b351-00c09fa32033
Startup Type: autorun.inf
Description: unknown autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

kbdyl.dll is a backdoor trojan

Sunday, February 1st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: kbdyl
Filename: kbdyl.dll
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89e65cc6-517d-11dd-b402-00c09fa32033}

Command: rundll32.exe .\\kbdyl.dll,InstallM
CLSID: 89e65cc6-517d-11dd-b402-00c09fa32033
Startup Type: autorun.inf
Description: autorun.inf trojan component, Backdoor.Darkmoon.C [Symantec]

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

av360.exe is main file of Antivirus 360

Sunday, February 1st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: av360
Filename: av360.exe
HijackThis line:

O4 – HKCU\..\Run: [17365052150289783265263418007005] C:\Program Files\A360\av360.exe

Command: C:\Program Files\A360\av360.exe
HijackThis Category: O4
Description: main component of Antivirus 360 (rogue antivirus)

How to remove: How to remove Antivirus 360 (Delete instructions)

Posted in Malware, O4 | No Comments »

MS32DLL.dll.vbs

Saturday, January 31st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: MS32DLL.dll
Filename: MS32DLL.dll.vbs
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{665e2d89-b71e-11dc-b303-a1d3c996a05f}

Command: C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe .MS32DLL.dll.vbs
CLSID: 665e2d89-b71e-11dc-b303-a1d3c996a05f
Startup Type: autorun.inf
Description: autorun.inf trojan, VBS.Zodgila [Symantec]

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

tel.xls.exe

Saturday, January 31st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: tel.xls
Filename: tel.xls.exe
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f4d33b2-3b87-11dc-a66c-db09a7dc4b52}

Command: C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
CLSID: 4f4d33b2-3b87-11dc-a66c-db09a7dc4b52
Startup Type: autorun.inf
Description: autorun.inf trojan component
Threat Alias:

Backdoor.VB.ESE [PC Tools]
W32/USBAgent [McAfee]
W32.SillyFDC [Symantec]
WORM_VB.ERF [Trend Micro]
Trojan.Win32.VB.atg [Kaspersky Lab]

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

d.com

Saturday, January 31st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: d
Filename: d.com
Registry key:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10219a1d-d86f-11dc-b316-a69dd264945f}

Command: F:\d.com
Startup Type: autorun.inf
Description: autorun.inf trojan component

How to remove: How to remove trojans that uses autorun.inf file

Posted in autorun.inf, Trojan | No Comments »

QW2010i.exe

Saturday, January 31st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: QW2010i
Filename: QW2010i.exe
HijackThis line:

O4 – HKLM\..\Run: [Monitor calibrator] %CommonAppData%\QW2010\QW2010i.exe

Command: %CommonAppData%\QW2010\QW2010i.exe
Startup Type: HKLM->run
HijackThis Category: O4
Description: trojan fakealert, Antivirus 2010 component

How to remove: Use Malwarebytes Anti-malware

Posted in O4, Trojan | No Comments »

winsystems.dll is a trojan FakeAlert, component of Antivirus 360

Saturday, January 31st, 2009

This is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: winsystems
Filename: winsystems.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B014B81-4E12-46F9-806F-55867AF8FD3C}

Command: C:\WINDOWS\system32\winsystems.dll
CLSID: 0B014B81-4E12-46F9-806F-55867AF8FD3C
Startup Type: BHO
HijackThis Category: O2
Description: trojan FakeAlert, component of Antivirus 360

How to remove: Manually remove the file + use the instructions How to remove Antivirus 360

Posted in O2, Trojan | No Comments »

What is msansspc.dll, How to remove msansspc.dll

Saturday, January 31st, 2009

msansspc.dll is an harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: msansspc
Filename: msansspc.dll
Registry key:

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders | “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

Command: C:\WINDOWS\system32\msansspc.dll
Startup Type: SecurityProviders
Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
“SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

Description: trojan

How to remove: use Malwarebytes Anti-malware.

Posted in SecurityProviders, Trojan | No Comments »

« Previous Entries
Next Entries »