HT Logs. Tips, FAQs, Analyze.

antimalware.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: antimalware
Filename: antimalware.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiMalware

Command: C:\Program Files\AntiMalware\antimalware.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [AntiMalware] “C:\Program Files\AntiMalware\antimalware.exe” -noscan

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“AntiMalware”=C:\Program Files\AntiMalware\antimalware.exe [2009-11-10 1572864]

Description: core component of AntiMalware. AntiMalware is a rogue antispyware program.

How to remove: use these AntiMalware removal instructions.

winsecure2009.microsoft.com is a malicious website

The site was created to spread Antivirus System Pro. If your browser is redirected to winsecure2009.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 91.212.127.227
Site addess: winsecure2009.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 91.212.127.227 winsecure2009.microsoft.com

Description: winsecure2009.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

winwarepro.microsoft.com is a malicious website

The site was created to spread Antivirus System Pro. If your browser is redirected to winwarepro.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 91.212.127.227
Site addess: winwarepro.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 91.212.127.227 winwarepro.microsoft.com

Description: winwarepro.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

SystemFighter.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemFighter
Filename: SystemFighter.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemFighter

Command: C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SystemFighter] “C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe” -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemFighter”=C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe [2009-11-09 784896]

Description: core component of SystemFighter. SystemFighter is a rogue antispyware program.

How to remove: use these SystemFighter removal instructions.

win-guard2009.microsoft.com is a malicious website

The site was created to spread Antivirus System Pro. If your browser is redirected to win-guard2009.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 193.169.12.50
Site addess: win-guard2009.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 193.169.12.50 win-guard2009.microsoft.com

Description: win-guard2009.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

SystemVeteran.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemVeteran
Filename: SystemVeteran.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemVeteran.exe

Command: C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SystemVeteran.exe] C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemVeteran.exe”=C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe [2009-11-07 773120]

Description: core component of SystemVeteran. SystemVeteran is a rogue antispyware program.

How to remove: use these SystemVeteran removal instructions.

freddy73.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy73
Filename: freddy73.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy73.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy73.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy73.exe

Description: part of koobface worm

How to remove: use HijackThis + Malwarebytes` Anti-malware

This is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

Name: mstdl
Filename: mstdl.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | wsc

Command: C:\Program Files\msca\mstdl.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [wsc] C:\Program Files\msca\mstdl.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“wsc”=C:\Program Files\msca\mstdl.exe

Description: component of MaCatte Antivirus 2009. MaCatte Antivirus 2009 is a rogue antispyware program.

How to remove: use these MaCatte Antivirus 2009 removal instructions.

spyware-list.com is a malicious website

The site was created to spread Alpha Antivirus. If your browser is redirected to spyware-list.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 94.102.58.252
Site addess: spyware-list.com
Description: The site used to promote the rogue antispyware program called Alpha Antivirus.

How to remove: use these Alpha Antivirus removal instructions in order to remove this infection.

spyware-url.com is a malicious website

The site was created to spread Alpha Antivirus. If your browser is redirected to spyware-url.com, then you should immediately check your PC using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 95.143.207.4
Site addess: spyware-url.com
Description: The site used to promote the rogue antispyware program called Alpha Antivirus.

How to remove: use these Alpha Antivirus removal instructions in order to remove this infection.