Archive for the 'Worm' Category

What is bill107.exe, How to remove bill107.exe

Friday, April 16th, 2010

bill107.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: bill107
Filename: bill107.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\bill107.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\bill107.exe

DDS Line:

mRun: [sysfbtray] C:\windows\bill107.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\bill107.exe

Description: new variant of koobface worm

How to remove: use these koobface removal instructions.

What is bill105.exe, How to remove bill105.exe

Friday, March 26th, 2010

bill105.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: bill105
Filename: bill105.exe
Registry key:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: %Windir%\bill105.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\bill105.exe

DDS Line:

mRun: [sysfbtray] C:\windows\bill105.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\bill105.exe

Description: a component of koobface worm

How to remove: use these koobface removal instructions.

What is bill104.exe, How to remove bill104.exe

Wednesday, March 17th, 2010

bill104.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: bill104
Filename: bill104.exe
Registry key:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: %Windir%\bill104.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\bill104.exe

DDS Line:

mRun: [sysfbtray] C:\windows\bill104.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\bill104.exe

Description: new variant of koobface worm

How to remove: use these koobface removal instructions.

What is bill103.exe, How to remove bill103.exe

Sunday, March 7th, 2010

bill103.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: bill103
Filename: bill103.exe
Registry key:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: %Windir%\bill103.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\bill103.exe

DDS Line:

mRun: [sysfbtray] C:\windows\bill103.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\bill103.exe

Description: new variant of koobface worm

How to remove: use these koobface removal instructions.

What is jjdrive32.exe, How to remove jjdrive32.exe

Tuesday, February 23rd, 2010

jjdrive32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: jjdrive32
Filename: jjdrive32.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Microsoft Update Setup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run | Microsoft Update Setup

Command: %Windir%\jjdrive32.exe
Startup Type: HKLM->Run, HKLM->Policies\Explorer\Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Microsoft Update Setup] C:\Windows\jjdrive32.exe
O4 – HKLM\..\policies\Explorer\Run: [Microsoft Update Setup] C:\Windows\jjdrive32.exe

DDS Line:

mRun: [Microsoft Update Setup] C:\Windows\jjdrive32.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Microsoft Update Setup”=C:\Windows\jjdrive32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
“Microsoft Update Setup”=C:\Windows\jjdrive32.exe

Description: worm also known as Net-Worm.Spybot [PCTools], W32.Spybot.Worm [Symantec], Net-Worm.Win32.Kolab.fem [Kaspersky Lab], W32/Kolab [McAfee], Mal/Generic-A [Sophos], Worm:Win32/Pushbot.OF [Microsoft]

How to remove: use HijackThis + Kaspersky virus removal tool

What is freddy101.exe, How to remove freddy101.exe

Friday, February 12th, 2010

freddy101.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy101
Filename: freddy101.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy101.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy101.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy101.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy101.exe

Description: component of Koobface worm.

How to remove: use these Koobface removal instructions.

What is freddy100.exe, How to remove freddy100.exe

Wednesday, February 10th, 2010

freddy100.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy100
Filename: freddy100.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy100.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy100.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy100.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy100.exe

Description: component of koobface worm

How to remove: use these koobface removal instructions.

What is freddy84.exe, How to remove freddy84.exe

Sunday, February 7th, 2010

freddy84.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy84
Filename: freddy84.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy84.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy84.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy84.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy84.exe

Description: part of koobface worm

How to remove: use these koobface removal instructions.

What is freddy82.exe, How to remove freddy82.exe

Thursday, January 28th, 2010

freddy82.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy82
Filename: freddy82.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy82.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy82.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy82.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy82.exe

Description: component of koobface worm

How to remove: use these koobface removal instructions.

What is livemessenger.exe, How to remove livemessenger.exe

Saturday, January 23rd, 2010

livemessenger.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: livemessenger
Filename: livemessenger.exe
Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | Microsoft Update
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce | Microsoft Update
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx | Microsoft Update

Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Microsoft Update] livemessenger.exe

DDS Line:

mRun: [Microsoft Update] livemessenger.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Microsoft Update”=livemessenger.exe

Description: Backdoor.Win32.Rbot.bll [Kaspersky Lab], W32.IRCBot [Symantec], W32/Sdbot.worm.gen.t [McAfee]

How to remove: use HijackThis + Kaspersky virus removal tool