Archive for the 'HijackThis' Category

« Previous Entries
Next Entries »

What is SecureFighter.exe, How to remove SecureFighter.exe

Wednesday, September 30th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SecureFighter
Filename: SecureFighter.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SecureFighter

Command: C:\Program Files\SecureFighter Software\SecureFighter\SecureFighter.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SecureFighter] C:\Program Files\SecureFighter Software\SecureFighter\SecureFighter.exe -min

Description: component of SecureFighter rogue antispyware program

How to remove: use these SecureFighter removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

ld14.exe is component of worm koobface

Tuesday, September 29th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: ld14
Filename: ld14.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysldtray

Command: C:\Windows\ld14.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysldtray] C:\Windows\ld14.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysldtray”=C:\Windows\ld14.exe [2009-09-23 61440]

Description: component of worm koobface, that takes over computers by spreading through the social networks

How to remove: use Malwarebytes` Anti-malware

Posted in O4, Run, Worm | No Comments »

pp12.exe is part of worm koobface

Tuesday, September 29th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: pp12
Filename: pp12.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | pp

Command: C:\Windows\pp12.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [pp] C:\Windows\pp12.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“pp”=C:\Windows\pp12.exe [2009-09-23 49152]

Description: component of worm koobface

How to remove: use Malwarebytes` Anti-malware

Posted in O4, Run, Worm | No Comments »

freddy66.exe is part of worm Koobface

Tuesday, September 29th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy66
Filename: freddy66.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: c:\windows\freddy66.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] c:\windows\freddy66.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=c:\windows\freddy66.exe [2009-09-25 77824]

Description: part of worm Koobface that takes over computers by spreading through the social networks

How to remove: use Malwarebytes` Anti-malware

Posted in O4, Run, Worm | No Comments »

How to remove SecureVeteran.exe, What is SecureVeteran.exe

Tuesday, September 29th, 2009

SecureVeteran.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SecureVeteran
Filename: SecureVeteran.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SecureVeteran

Command: C:\Program Files\SecureVeteran Software\SecureVeteran\SecureVeteran.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SecuritySoldier] C:\Program Files\SecureVeteran Software\SecureVeteran\SecureVeteran.exe -min

Description: main file of SecureVeteran rogue antispyware program

How to remove: use these SecureVeteran removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

iehelpmod.dll is trojan fakeAlert

Tuesday, September 29th, 2009

iehelpmod.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: iehelpmod
Filename: iehelpmod.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

Command: C:\WINDOWS\system32\iehelpmod.dll
CLSID: {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: &IE Help – {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} – C:\WINDOWS\system32\iehelpmod.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}]
&IE Help – C:\WINDOWS\system32\iehelpmod.dll [2009-09-29 336896]

Description: trojan fakeAlert that installed by Total Security rogue antispyware program

How to remove: use these Total Security removal instructions

Posted in BHO, O2, Rogue Antispyware/Antivirus, Trojan | No Comments »

msnaoladdon.dll is trojan.bho

Monday, September 28th, 2009

msnaoladdon.dll is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: msnaoladdon
Filename: msnaoladdon.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A77D3539-581D-450C-9E44-A84C415A6172}

Command: C:\WINDOWS\system32\msnaoladdon.dll
CLSID: {A77D3539-581D-450C-9E44-A84C415A6172}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: (no name) – {A77D3539-581D-450C-9E44-A84C415A6172} – C:\WINDOWS\system32\msnaoladdon.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A77D3539-581D-450C-9E44-A84C415A6172}]
C:\WINDOWS\system32\msnaoladdon.dll [2009-09-26 403968]

Description: trojan that installed by Alpha Antivirus (fake antivirus application)

How to remove: use these Alpha Antivirus removal instructions

Posted in BHO, O2, Rogue Antispyware/Antivirus, Trojan | No Comments »

NetFilter.exe is trojan Agent

Monday, September 28th, 2009

NetFilter.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: NetFilter
Filename: NetFilter.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | MSDRV

Command: C:\WINDOWS\system32\NetFilter.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [MSDRV] NetFilter.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“MSDRV”=C:\WINDOWS\system32\NetFilter.exe [2009-09-23 122880]

Description: trojan that installed by Alpha Antivirus rogue antispyware program

How to remove: use these Alpha Antivirus removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run, Trojan | No Comments »

How to remove AlphaAV.exe, What is AlphaAV.exe

Monday, September 28th, 2009

AlphaAV.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: AlphaAV
Filename: AlphaAV.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | AlphaAV

Command: C:\Program Files\AlphaAV\AlphaAV.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [AlphaAV] C:\Program Files\AlphaAV\AlphaAV.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“AlphaAV”=C:\Program Files\AlphaAV\AlphaAV.exe [2009-09-26 1581056]

Description: main file of Alpha Antivirus rogue antispyware program

How to remove: use these Alpha Antivirus removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

How to remove SecuritySoldier.exe, What is SecuritySoldier.exe

Saturday, September 26th, 2009

This is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SecuritySoldier
Filename: SecuritySoldier.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SecuritySoldier

Command: C:\Program Files\SecuritySoldier Software\SecuritySoldier\SecuritySoldier.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SecuritySoldier] C:\Program Files\SecuritySoldier Software\SecuritySoldier\SecuritySoldier.exe -min

Description: main component of SecuritySoldier rogue antispyware program

How to remove: use these SecuritySoldier removal instructions

Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »

« Previous Entries
Next Entries »