Archive for the 'O4' Category
Wednesday, November 11th, 2009
mstre22.exe is a harmful program.
Name: mstre22
Filename: mstre22.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SySmstray
Command: C:\Windows\mstre22.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [SySmstray] C:\Windows\mstre22.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SySmstray”=C:\Windows\mstre22.exe
Description: part of Koobface worm
How to remove: use HijackThis + Malwarebytes` Anti-malware
Posted in O4, Run, Worm | No Comments »
Tuesday, November 10th, 2009
SystemWarrior.exe is a harmful program.
Name: SystemWarrior
Filename: SystemWarrior.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemWarrior
Command: C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [SystemWarrior] “C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe” -min
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemWarrior”=C:\Program Files\SystemWarrior Software\SystemWarrior\SystemWarrior.exe [2009-11-11 742400]
Description: core part of SystemWarrior. SystemWarrior is a rogue antispyware program.
How to remove: use these SystemWarrior removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, November 10th, 2009
antimalware.exe is a harmful program.
Name: antimalware
Filename: antimalware.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | AntiMalware
Command: C:\Program Files\AntiMalware\antimalware.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [AntiMalware] “C:\Program Files\AntiMalware\antimalware.exe” -noscan
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“AntiMalware”=C:\Program Files\AntiMalware\antimalware.exe [2009-11-10 1572864]
Description: core component of AntiMalware. AntiMalware is a rogue antispyware program.
How to remove: use these AntiMalware removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Sunday, November 8th, 2009
SystemFighter.exe is a harmful program.
Name: SystemFighter
Filename: SystemFighter.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemFighter
Command: C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [SystemFighter] “C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe” -min
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemFighter”=C:\Program Files\SystemFighter Software\SystemFighter\SystemFighter.exe [2009-11-09 784896]
Description: core component of SystemFighter. SystemFighter is a rogue antispyware program.
How to remove: use these SystemFighter removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Saturday, November 7th, 2009
SystemVeteran.exe is a harmful program.
Name: SystemVeteran
Filename: SystemVeteran.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SystemVeteran.exe
Command: C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [SystemVeteran.exe] C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SystemVeteran.exe”=C:\Program Files\SystemVeteran Software\SystemVeteran\SystemVeteran.exe [2009-11-07 773120]
Description: core component of SystemVeteran. SystemVeteran is a rogue antispyware program.
How to remove: use these SystemVeteran removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, November 5th, 2009
freddy73.exe is a harmful program.
Name: freddy73
Filename: freddy73.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray
Command: C:\windows\freddy73.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy73.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy73.exe
Description: part of koobface worm
How to remove: use HijackThis + Malwarebytes` Anti-malware
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Thursday, November 5th, 2009
This is a harmful program.
Name: mstdl
Filename: mstdl.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | wsc
Command: C:\Program Files\msca\mstdl.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [wsc] C:\Program Files\msca\mstdl.exe
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“wsc”=C:\Program Files\msca\mstdl.exe
Description: component of MaCatte Antivirus 2009. MaCatte Antivirus 2009 is a rogue antispyware program.
How to remove: use these MaCatte Antivirus 2009 removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Wednesday, November 4th, 2009
BlockProtector.exe is a harmful program.
Name: BlockProtector
Filename: BlockProtector.exe
Registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | BlockProtector.exe
Command: C:\Program Files\BlockProtector Software\BlockProtector\BlockProtector.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKLM\..\Run: [BlockProtector.exe] C:\Program Files\BlockProtector Software\BlockProtector\BlockProtector.exe
Combofix/RSIT Line:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“BlockProtector.exe”=C:\Program Files\BlockProtector Software\BlockProtector\BlockProtector.exe [2009-11-05 772608]
Description: core component of BlockProtector. BlockProtector is a rogue antispyware program.
How to remove: use these BlockProtector removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Tuesday, November 3rd, 2009
BlockKeeper.exe is a harmful program.
Name: BlockKeeper
Filename: BlockKeeper.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | BlockKeeper
Command: C:\Program Files\BlockKeeper Software\BlockKeeper\BlockKeeper.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [BlockKeeper] C:\Program Files\BlockKeeper Software\BlockKeeper\BlockKeeper.exe -min
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“BlockKeeper”=C:\Program Files\BlockKeeper Software\BlockKeeper\BlockKeeper.exe [2009-11-03 830976]
Description: part of BlockKeeper. BlockKeeper is a rogue antispyware program.
How to remove: use these BlockKeeper removal insructions
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
Saturday, October 31st, 2009
BlockScanner.exe is a harmful program.
Name: BlockScanner
Filename: BlockScanner.exe
Registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | BlockScanner
Command: C:\Program Files\BlockScanner Software\BlockScanner\BlockScanner.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:
O4 – HKCU\..\Run: [BlockScanner] C:\Program Files\BlockScanner Software\BlockScanner\BlockScanner.exe -min
Combofix/RSIT Line:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“BlockScanner”=C:\Program Files\BlockScanner Software\BlockScanner\BlockScanner.exe [2009-10-31 830976]
Description: part of BlockScanner. BlockScanner is a rogue antispyware program.
How to remove: use these BlockScanner removal instructions.
Posted in O4, Rogue Antispyware/Antivirus, Run | No Comments »
