Archive for the 'Startup Type' Category

What is cc.exe, How to remove cc.exe

Monday, November 16th, 2009

cc.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: cc
Filename: cc.exe
Registry key:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell

Command: %UserProfile%\Application Data\CC\cc.exe
Startup Type: Winlogon\Shell
MalwareBytes Anti-malware shows this infection:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\Documents and Settings\user\Application Data\CC\cc.exe) Good: (Explorer.exe)

Description: part of Control Center. Control Center is a fake Windows optimization application.

How to remove: use these Control Center removal instructions.

What is LinkSafeness.exe, How to remove LinkSafeness.exe

Monday, November 16th, 2009

LinkSafeness.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: LinkSafeness
Filename: LinkSafeness.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | LinkSafeness

Command: C:\Program Files\LinkSafeness Software\LinkSafeness\LinkSafeness.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKCU\..\Run: [LinkSafeness] C:\Program Files\LinkSafeness Software\LinkSafeness\LinkSafeness.exe -min

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LinkSafeness"=C:\Program Files\LinkSafeness Software\LinkSafeness\LinkSafeness.exe [2009-11-17 1634304]

Description: core file of LinkSafeness. LinkSafeness is a fake security program also known as rogue antispyware.

How to remove: use these LinkSafeness removal instructions.

What is tdidis32.sys, How to remove tdidis32.sys

Friday, November 13th, 2009

tdidis32.sys is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: tdidis32
Filename: tdidis32.sys
Command: C:\WINDOWS\system32\tdidis32.sys
Startup Type: driver
Combofix/RSIT Line:

S1 tdidis32.sys;tdidis32.sys; \??\C:\WINDOWS\system32\tdidis32.sys []

Description: trojan agent also known as Rootkit.Win32.Pakes

How to remove: use SUPERAntiSpyware

What is AntiAID.exe, How to remove AntiAID.exe

Wednesday, November 11th, 2009

AntiAID.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: AntiAID
Filename: AntiAID.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiAID

Command: C:\Program Files\AntiAID Software\AntiAID\AntiAID.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKCU\..\Run: [AntiAID] C:\Program Files\AntiAID Software\AntiAID\AntiAID.exe -min

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AntiAID"=C:\Program Files\AntiAID Software\AntiAID\AntiAID.exe [2009-11-12 1634304]

Description: core part of AntiAID. AntiAID is a rogue antispyware program from WiniGuard scareware family.

How to remove: use these AntiAID removal instructions.

What is mstre22.exe, How to remove mstre22.exe

Wednesday, November 11th, 2009

mstre22.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: mstre22
Filename: mstre22.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SySmstray

Command: C:\Windows\mstre22.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKLM\..\Run: [SySmstray] C:\Windows\mstre22.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SySmstray"=C:\Windows\mstre22.exe

Description: part of Koobface worm

How to remove: use HijackThis + Malwarebytes' Anti-malware

What is SystemWarrior.exe, How to remove SystemWarrior.exe

Tuesday, November 10th, 2009

SystemWarrior.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemWarrior
Filename: SystemWarrior.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemWarrior

Command: C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKLM\..\Run: [SystemWarrior] "C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe" -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemWarrior"=C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe [2009-11-11 742400]

Description: core part of SystemWarrior. SystemWarrior is a rogue antispyware program.

How to remove: use these SystemWarrior removal instructions.

What is antimalware.exe, How to remove antimalware.exe

Tuesday, November 10th, 2009

antimalware.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: antimalware
Filename: antimalware.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiMalware

Command: C:\Program Files\AntiMalware\antimalware.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKCU\..\Run: [AntiMalware] "C:\Program Files\AntiMalware\antimalware.exe" -noscan

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AntiMalware"=C:\Program Files\AntiMalware\antimalware.exe [2009-11-10 1572864]

Description: core component of AntiMalware. AntiMalware is a rogue antispyware program.

How to remove: use these AntiMalware removal instructions.

What is SystemFighter.exe, How to remove SystemFighter.exe

Sunday, November 8th, 2009

SystemFighter.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemFighter
Filename: SystemFighter.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemFighter

Command: C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKLM\..\Run: [SystemFighter] "C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe" -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemFighter"=C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe [2009-11-09 784896]

Description: core component of SystemFighter. SystemFighter is a rogue antispyware program.

How to remove: use these SystemFighter removal instructions.

What is SystemVeteran.exe, How to remove SystemVeteran.exe

Saturday, November 7th, 2009

SystemVeteran.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemVeteran
Filename: SystemVeteran.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemVeteran.exe

Command: C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKLM\..\Run: [SystemVeteran.exe] C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemVeteran.exe"=C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe [2009-11-07 773120]

Description: core component of SystemVeteran. SystemVeteran is a rogue antispyware program.

How to remove: use these SystemVeteran removal instructions.

What is freddy73.exe, How to remove freddy73.exe

Thursday, November 5th, 2009

freddy73.exe is a harmful program.

It is a component of malware or spyware; you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy73
Filename: freddy73.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy73.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy73.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"sysfbtray"=C:\windows\freddy73.exe

Description: part of Koobface worm

How to remove: use HijackThis + Malwarebytes' Anti-malware