Archive for November, 2009

What is Osawarepro2009.microsoft.com, How to remove Osawarepro2009.microsoft.com

Wednesday, November 11th, 2009

Osawarepro2009.microsoft.com is a malicious website

remove The site was created to spread Antivirus System Pro. If your browser is redirected to Osawarepro2009.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 91.212.127.227
Site addess: Osawarepro2009.microsoft.com
HijackThis Category:
HijackThis Line:

O1 – Hosts: 91.212.127.227 osawarepro2009.microsoft.com

Description: Osawarepro2009.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

What is mstre22.exe, How to remove mstre22.exe

Wednesday, November 11th, 2009

mstre22.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: mstre22
Filename: mstre22.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SySmstray

Command: C:\Windows\mstre22.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SySmstray] C:\Windows\mstre22.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SySmstray”=C:\Windows\mstre22.exe

Description: part of Koobface worm

How to remove: use HijackThis + Malwarebytes` Anti-malware

What is SystemWarrior.exe, How to remove SystemWarrior.exe

Tuesday, November 10th, 2009

SystemWarrior.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemWarrior
Filename: SystemWarrior.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemWarrior

Command: C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SystemWarrior] “C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe” -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemWarrior”=C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe [2009-11-11 742400]

Description: core part of SystemWarrior. SystemWarrior is a rogue antispyware program.

How to remove: use these SystemWarrior removal instructions.

What is antimalware.exe, How to remove antimalware.exe

Tuesday, November 10th, 2009

antimalware.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: antimalware
Filename: antimalware.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiMalware

Command: C:\Program Files\AntiMalware\antimalware.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [AntiMalware] “C:\Program Files\AntiMalware\antimalware.exe” -noscan

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“AntiMalware”=C:\Program Files\AntiMalware\antimalware.exe [2009-11-10 1572864]

Description: core component of AntiMalware. AntiMalware is a rogue antispyware program.

How to remove: use these AntiMalware removal instructions.

What is winsecure2009.microsoft.com, How to remove winsecure2009.microsoft.com

Monday, November 9th, 2009

winsecure2009.microsoft.com is a malicious website

remove The site was created to spread Antivirus System Pro. If your browser is redirected to winsecure2009.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 91.212.127.227
Site addess: winsecure2009.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 91.212.127.227 winsecure2009.microsoft.com

Description: winsecure2009.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

What is winwarepro.microsoft.com, How to remove winwarepro.microsoft.com

Monday, November 9th, 2009

winwarepro.microsoft.com is a malicious website

remove The site was created to spread Antivirus System Pro. If your browser is redirected to winwarepro.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 91.212.127.227
Site addess: winwarepro.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 91.212.127.227 winwarepro.microsoft.com

Description: winwarepro.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

What is SystemFighter.exe, How to remove SystemFighter.exe

Sunday, November 8th, 2009

SystemFighter.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemFighter
Filename: SystemFighter.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemFighter

Command: C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SystemFighter] “C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe” -min

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemFighter”=C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe [2009-11-09 784896]

Description: core component of SystemFighter. SystemFighter is a rogue antispyware program.

How to remove: use these SystemFighter removal instructions.

What is win-guard2009.microsoft.com, How to remove win-guard2009.microsoft.com

Sunday, November 8th, 2009

win-guard2009.microsoft.com is a malicious website

remove The site was created to spread Antivirus System Pro. If your browser is redirected to win-guard2009.microsoft.com, then you should immediately check your PC using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

IP Address: 193.169.12.50
Site addess: win-guard2009.microsoft.com
HijackThis Category: O1
HijackThis Line:

O1 – Hosts: 193.169.12.50 win-guard2009.microsoft.com

Description: win-guard2009.microsoft.com is not related with Microsoft company and can only be seen on infected computers. The site used to promote the rogue antispyware program called Antivirus System Pro.

How to remove: use these Antivirus System Pro removal instructions in order to remove this infection.

What is SystemVeteran.exe, How to remove SystemVeteran.exe

Saturday, November 7th, 2009

SystemVeteran.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: SystemVeteran
Filename: SystemVeteran.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemVeteran.exe

Command: C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SystemVeteran.exe] C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemVeteran.exe”=C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe [2009-11-07 773120]

Description: core component of SystemVeteran. SystemVeteran is a rogue antispyware program.

How to remove: use these SystemVeteran removal instructions.

What is freddy73.exe, How to remove freddy73.exe

Thursday, November 5th, 2009

freddy73.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy73
Filename: freddy73.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy73.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy73.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy73.exe

Description: part of koobface worm

How to remove: use HijackThis + Malwarebytes` Anti-malware