HT Logs. Tips, FAQs, Analyze.

IEAddon.dll is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: IEAddon
Filename: IEAddon.dll
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}

Command: C:\Program Files\Desktop Defender 2010\IEAddon.dll
CLSID: {CCB5551D-8594-4999-85F9-1E3EABCB95AC}
Startup Type: BHO
HijackThis Category: O2
HijackThis Line:

O2 – BHO: StatusBarPane – {CCB5551D-8594-4999-85F9-1E3EABCB95AC} – C:\Program Files\Desktop Defender 2010\IEAddon.dll

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}]
StatusBarPane Class – C:\Program Files\Desktop Defender 2010\IEAddon.dll [2009-06-12 57344]

Description: component of Desktop Defender 2010. Desktop Defender 2010 is a rogue antispyware program.

How to remove: use these Desktop Defender 2010 removal instructions

SoftBarrier.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SoftBarrier
Filename: SoftBarrier.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftBarrier

Command: C:\Program Files\SoftBarrier Software\SoftBarrier\SoftBarrier.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SoftBarrier] C:\Program Files\SoftBarrier Software\SoftBarrier\SoftBarrier.exe -min

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SoftBarrier”=C:\Program Files\SoftBarrier Software\SoftBarrier\SoftBarrier.exe [2009-10-28 786944]

Description: component of SoftBarrier. SoftBarrier is a rogue antispyware program.

How to remove: use these SoftBarrier removal instructions

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: VSeda.exe
Filename: VSeda.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Volcano Security Suite

Command: C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Volcano Security Suite] “C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe” /s /d

RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Volcano Security Suite”=C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe [2009-10-27 2603521]

Description: component of Volcano Security Suite. Volcano Security Suite is a rogue antispyware program.

How to remove: use these Volcano Security Suite removal instructions

ShieldSafeness.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: ShieldSafeness
Filename: ShieldSafeness.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | ShieldSafeness

Command: C:\Program Files\ShieldSafeness Software\ShieldSafeness\ShieldSafeness.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [ShieldSafeness] C:\Program Files\ShieldSafeness Software\ShieldSafeness\ShieldSafeness.exe -min

RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ShieldSafeness”=C:\Program Files\ShieldSafeness Software\ShieldSafeness\ShieldSafeness.exe [2009-10-25 785920]

Description: component of ShieldSafeness. ShieldSafeness.exe is a rogue antispyware program.

How to remove: use these ShieldSafeness removal instructions

rundll22.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: rundll22
Filename: rundll22.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | ttool

Command: C:\WINDOWS\rundll22.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [ttool] C:\WINDOWS\rundll22.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ttool”=C:\WINDOWS\rundll22.exe

Description: a trojan that installed with Antivirus Pro 2010 (rogue antispyware program)

How to remove: use HijackThis + use Malwarebytes` Anti-malware

servises.Exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: servises
Filename: servises.Exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | servises
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | servises
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | servises
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | servises

Command: C:\Windows\system32\servises.Exe
Startup Type: HKCU->Run, HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [servises] C:\Windows\system32\servises.Exe
O4 – HKCU\..\Run: [servises] C:\Windows\system32\servises.Exe
O4 – HKLM\..\Policies\Explorer\Run: [servises] C:\Windows\system32\servises.Exe
O4 – HKCU\..\Policies\Explorer\Run: [servises] C:\Windows\system32\servises.Exe

Description: trojan that installed with Antivirus System Pro (rogue antispyware program)

How to remove: use these Antivirus System Pro removal instructions.

SoftStronghold.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SoftStronghold
Filename: SoftStronghold.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftStronghold

Command: C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SoftStronghold] C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe -min

RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SoftStronghold”=C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe [2009-10-24 830976]

Description: part of SoftStronghold. SoftStronghold is a rogue antispyware program.

How to remove: use these SoftStronghold removal instructions

IAPro.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: IAPro
Filename: IAPro.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Internet Antivirus Pro

Command: command
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Internet Antivirus Pro] “c:\program files\Internet Antivirus Pro\IAPro.exe” /s

RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Internet Antivirus Pro”=c:\program files\Internet Antivirus Pro\IAPro.exe [2009-10-20 1567744]

Description: part of Internet Antivirus Pro. Internet Antivirus Pro is a rogue antispyware program.

How to remove: use these Internet Antivirus Pro removal instructions

SoftVeteran.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SoftVeteran
Filename: SoftVeteran.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftVeteran

Command: C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SoftVeteran] C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe -min

RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SoftVeteran”=C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe [2009-10-22 830976]

Description: component of SoftVeteran. SoftVeteran is a rogue antispyware program.

How to remove: use these SoftVeteran removal instructions

SoftCop.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SoftCop
Filename: SoftCop.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftCop

Command: C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [SoftCop] C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe -min

RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“SoftCop”=C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe [2009-10-17 830976]

Description: part of SoftCop. SoftCop is a rogue antispyware program.

How to remove: use these SoftCop removal instructions