October 23rd, 2009 O4, Rogue Antispyware/Antivirus, Run
SoftStronghold.exe is a harmful program.
Name: SoftStronghold
Filename: SoftStronghold.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftStronghold
Command: C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [SoftStronghold] C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe -min
RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftStronghold"=C:\Program Files\SoftStronghold Software\SoftStronghold\SoftStronghold.exe [2009-10-24 830976]
Description: part of SoftStronghold. SoftStronghold is a rogue antispyware program.
How to remove: use these SoftStronghold removal instructions
October 23rd, 2009 O4, Run, Worm
freddy71.exe is a harmful program.
Name: freddy71
Filename: freddy71.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray
Command: C:\windows\freddy71.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy71.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"sysfbtray"=C:\windows\freddy71.exe [2009-10-20 55296]
Description: part of the Koobface worm
How to remove: use HijackThis + use Malwarebytes' Anti-Malware
October 23rd, 2009 O4, Run, Worm
ld15.exe is a harmful program.
Name: ld15
Filename: ld15.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysldtray
Command: C:\windows\ld15.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld15.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"sysldtray"=C:\windows\ld15.exe [2009-10-20 38912]
Description: part of the Koobface worm
How to remove: use HijackThis + use Malwarebytes' Anti-Malware
October 23rd, 2009 AppInit DLLs, O20, Trojan
This is a harmful program.
Name: dnsq
Filename: dnsq.dll
Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLS
Command: C:\WINDOWS\system32\dnsq.dll
Startup Type: AppInit_DLLs
HijackThis Category: O20
HijackThis Line:
O20 - AppInit_DLLs: C:\WINDOWS\system32\dnsq.dll
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\dnsq.dll"
Description: trojan, also known as W32.Pagipef, TSPY_ONLINEGA.AE, Trojan-PSW.Agent, Trojan-PSW.Win32.Agent.acp, Virus.Win32.Xorer.ee
How to remove: use Kaspersky virus removal tool
October 23rd, 2009 F2, Trojan
This is a harmful program.
Name: vshost32
Filename: vshost32.exe
Command: C:\DOCUME~1\8E4B~1\LOCALS~1\Temp\vshost32.exe
Startup Type: system.ini
HijackThis Category: F2
HijackThis Line:
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\8E4B~1\LOCALS~1\Temp\vshost32.exe,
How to remove: use HijackThis + use Malwarebytes' Anti-Malware
October 23rd, 2009 autorun.inf, Trojan
This is a harmful program.
Name: rise
Filename: rise.exe
Registry key:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8396306-163b-11de-acda-001a4df2dae2}
Command: F:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\rise.exe
CLSID: {b8396306-163b-11de-acda-001a4df2dae2}
Startup Type: autorun.inf
Combofix/RSIT Line:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8396306-163b-11de-acda-001a4df2dae2}]
shell\AutoRun\command - F:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\rise.exe
shell\open\command - F:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\rise.exe
Description: a trojan that uses autorun.inf file to spread itself
How to remove: use these autorun.inf trojans removal instructions, after that manually remove rise.exe
October 23rd, 2009 O4, Rogue Antispyware/Antivirus, Run
IAPro.exe is a harmful program.
Name: IAPro
Filename: IAPro.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Internet Antivirus Pro
Command: command
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [Internet Antivirus Pro] "c:\program files\Internet Antivirus Pro\IAPro.exe" /s
RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Internet Antivirus Pro"=c:\program files\Internet Antivirus Pro\IAPro.exe [2009-10-20 1567744]
Description: part of Internet Antivirus Pro. Internet Antivirus Pro is a rogue antispyware program.
How to remove: use these Internet Antivirus Pro removal instructions
October 21st, 2009 O4, Rogue Antispyware/Antivirus, Run
SoftVeteran.exe is a harmful program.
Name: SoftVeteran
Filename: SoftVeteran.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftVeteran
Command: C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [SoftVeteran] C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe -min
RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftVeteran"=C:\Program Files\SoftVeteran Software\SoftVeteran\SoftVeteran.exe [2009-10-22 830976]
Description: component of SoftVeteran. SoftVeteran is a rogue antispyware program.
How to remove: use these SoftVeteran removal instructions
October 20th, 2009 O4, Run, Trojan
This is a harmful program.
Name: svcst
Filename: svcst.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | svchost
Command: C:\Documents and Settings\user\Application Data\svcst.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\user\Application Data\svcst.exe
RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"svchost"=C:\Documents and Settings\user\Application Data\svcst.exe [2009-09-30 264192]
Description: component of trojan FakeAlert that installs rogue antispyware programs
How to remove: use Malwarebytes' Anti-Malware
October 17th, 2009 O4, Rogue Antispyware/Antivirus, Run
SoftCop.exe is a harmful program.
Name: SoftCop
Filename: SoftCop.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | SoftCop
Command: C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 - HKCU\..\Run: [SoftCop] C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe -min
RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftCop"=C:\Program Files\SoftCop Software\SoftCop\SoftCop.exe [2009-10-17 830976]
Description: part of SoftCop. SoftCop is a rogue antispyware program.
How to remove: use these SoftCop removal instructions