HT Logs. Tips, FAQs, Analyze.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: Uguguyirog
Filename: Uguguyirog.dll
Command: %windir%\Uguguyirog.dll”
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Bvaduyokuyepe] rundll32.exe “C:\WINDOWS\Uguguyirog.dll”,e

Description: component of trojan Vundo

How to remove: How to remove Trojan Vundo

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: prunnet
Filename: prunnet.exe
Command: %windir%\system32\prunnet.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [prunnet] “C:\WINDOWS\system32\prunnet.exe”

Description: trojan downloader

How to remove: Use Malwarebytes Antimalware

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: 6l6w8
Filename: 6l6w8.com
Command: F:\6l6w8.com
CLSID: {95aa2c26-00d9-11dd-bc71-0011675aabad}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95aa2c26-00d9-11dd-bc71-0011675aabad}]
shell\AutoRun\command – F:\6l6w8.com
shell\explore\command – F:\6l6w8.com
shell\open\command – F:\6l6w8.com

Description: component of autorun.inf trojan

How to remove: How to remove 6l6w8.com – trojan that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: nlblkhq
Filename: nlblkhq.com
Command: E:\nlblkhq.com
CLSID: {8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c482e0e-71d8-11dc-bb4a-00c09fcd8ea0}]
shell\AutoRun\command – E:\nlblkhq.com
shell\explore\command – E:\nlblkhq.com
shell\open\command – E:\nlblkhq.com

Description: component of autorun.inf trojan

How to remove: How to remove nlblkhq.com – trojan that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: RavMon
Filename: RavMon.exe
CLSID: {6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6aa9cf46-be16-11dc-bbe3-00c09fcd8ea0}]
shell\AutoRun\command – RavMon.exe

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: xn1i9x
Filename: xn1i9x.com
Command: E:\xn1i9x.com
CLSID: {553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{553a93c0-a1bf-11dc-bb98-00c09fcd8ea0}]
shell\AutoRun\command – E:\xn1i9x.com
shell\explore\command – E:\xn1i9x.com
shell\open\command – E:\xn1i9x.com

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: adp
Filename: adp.exe
Command: E:\adp.exe
CLSID: {0ba21128-2e71-11dc-b73f-00c09fcd8ea0}
Startup Type: autorun.inf
Combofix/RSIT Line:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ba21128-2e71-11dc-b73f-00c09fcd8ea0}]
shell\Auto\command – E:\adp.exe
shell\AutoRun\command – C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe

Description: component of autorun.inf trojan

How to remove: How to remove trojans that uses autorun.inf file

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: algg
Filename: algg.exe
Registry key: key
Command: %windir%\system32\algg.exe
Startup Type: HKCU->run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe

Description: trojan downloader

How to remove: Use HijackThis.

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TDSStkdv
Filename: TDSStkdv.log
Command: c:\windows\system32\TDSStkdv.log
Description: Trojan TDSSserv component

How to remove: How to remove trojan TDSSserv (TDSSserv.sys), clbdriver.sys and seneka.sys

This is an harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: TDSSosvn
Filename: TDSSosvn.dat
Command: c:\windows\system32\TDSSosvn.dat
Description: Trojan TDSSserv component

How to remove: How to remove trojan TDSSserv (TDSSserv.sys), clbdriver.sys and seneka.sys