Necessary At your option Useless Dangerous Application database
 Startup Programs     Entire site
Startupapps.com recommends you:

Detect and remove hidden rootkits using UnHackMe UnHackMe - Rootkit Killer Free fully functional 30-days trial.

RegRun Security Suite = 24 system utilities for protecting your computer. Try now!

Buy Now!

I would like to say that RegRun has helped me on more than 1 occasion when it comes to spyware/adware by letting me know automatically that a piece of it got added to Windows startup. There is so much spyware/addware out there today it's hard to imagine being without RegRun. I like many other features too including the daily registry backups and file protection.

Chris Wagers

Dangerous %WinDir%\avguard.exe - Dangerous
%windir%\avguard.exe
W32.Netsky.G@mm
It copies itself to %Windir%\Avguard.exe.

Deletes the values: Taskmon, Explorer, Windows Services Host, KasperskyAV, from the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Some of these registry key values are typically associated with the worms W32.Mydoom.A@mm and W32.Mydoom.B@mm.
The W32.Mimail.T@mm worm may add the registry key value "KasperskyAV."

Deletes some values from the registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Such as: System, msgsvr32, DELETE ME, service, Sentry, d3dupdate.exe, au.exe, OLE, gouday.exe etc.

Deletes the registry keys:
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WksPatch

Scans the predefined file types on drives C through Z for email addresses:
Uses its own SMTP engine to send itself to the email addresses it found above, sending to each address once.
The email has the following characteristics:
Subject: One of the predefined list.
For ex: Re: Your website

Body: (One of the following)
Your file is attached.
Please read the attached file.
Please have a look at the attached file.
See the attached file for details.
Here is the file.
Your document is attached.

Attachment: One of the predefined list.
For ex: Re: mp3music.pif

Manual removal:
Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Special Firewall Service" = %WinDir%\avguard.exe -av service

Removal: %WinDir%\avguard.exe is removed by RegRun.

Read more... Removal instructions...

Recommended software:
UnHackMe - easy removal Rootkits/Adware/Spyware.
http://www.unhackme.com

RegRun Security Suite - removal and protection. http://www.regrun.com

RegRun Reanimator - free removal tool. greatis.com/reanimator

RegRun - User's Choice

Vista Programs - full info...

What is hidden in MSDN?
.NET Secrets Revealed

Why software developers prefer Win32.FreeTechSecrets.com?

All Unix Manuals in Alphabetical Order

C# controls for .NET in 3 simple steps.


Constantly updated. Last update: June 30 2008

Interesting information about Vista programs...
Need consultation?

Would you like to add your opinion?

Your Name (Not Required):

Your E-mail to contact (Not Required):

Application Name:

Application Status:
Neccessary
At your option
Useless
Dangerous

Description:


Quick Links
What's new?
RSS Feed
Add to AppDatabase
Ask Experts
Join forum
Links

Articles
Virus or not? SPTD####.sys
What is mc21.tmp, mc22.tmp, mc23.tmp?

Select
Necessary
Useless
At your option
Dangerous
Copyright © 1998-2008 Greatis Software