Archive for the 'Worm' Category

What is msdrv32.exe, How to remove msdrv32.exe

Saturday, January 23rd, 2010

msdrv32.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: msdrv32
Filename: msdrv32.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Microsoft Driver Setup
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run | Microsoft Driver Setup

Command: %WinDir%\msdrv32.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [Microsoft Driver Setup] C:\Windows\msdrv32.exe
O4 – HKLM\..\policies\Explorer\Run: [Microsoft Driver Setup] C:\Windows\msdrv32.exe

DDS Line:

mRun: [Microsoft Driver Setup] C:\Windows\msdrv32.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Microsoft Driver Setup”=C:\Windows\msdrv32.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
“Microsoft Driver Setup”=C:\Windows\msdrv32.exe

Description: worm also known as Worm:Win32/Pushbot.gen [Microsoft], Backdoor.Win32.IRCBot.gen [Kaspersky Lab], Exploit-DcomRpc.gen [McAfee], Mal/Behav-134, Mal/IRCBot-B [Sophos]

How to remove: use HijackThis + Kaspersky virus removal tool

What is freddy81.exe, How to remove freddy81.exe

Sunday, January 17th, 2010

freddy81.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy81
Filename: freddy81.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy81.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy81.exe

DDS Line:

Run: [sysfbtray] C:\windows\freddy81.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy81.exe

Description: component of koobface worm

How to remove: use these koobface removal instructions.

What is freddy80.exe, How to remove freddy80.exe

Saturday, January 16th, 2010

freddy80.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy80
Filename: freddy80.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy80.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy80.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy80.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy80.exe

Description: part of Koobface worm

How to remove: use these Koobface removal instructions.

What is pp14.exe, How to remove pp14.exe

Saturday, December 26th, 2009

pp14.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: pp14
Filename: pp14.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | pp

Command: C:\Windows\pp14.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [pp] C:\Windows\pp14.exe

DDS Line:

mRun: [pp] C:\Windows\pp14.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“pp”=C:\Windows\pp14.exe

Description: component of Koobface worm

How to remove: use these Koobface removal instructions.

What is freddy79.exe, How to remove freddy79.exe

Monday, December 21st, 2009

freddy79.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy79
Filename: freddy79.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy79.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy79.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy79.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy79.exe

Description: component of Koobface worm.

How to remove: use these Koobface removal instructions.

What is Freddy77.exe, How to remove Freddy77.exe

Monday, December 14th, 2009

Freddy77.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: Freddy77
Filename: Freddy77.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy77.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy77.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy77.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy77.exe

Description: part of Koobface worm

How to remove: use these Koobface removal instructions.

What is mstre26.exe, How to remove mstre26.exe

Saturday, December 12th, 2009

mstre26.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: mstre26
Filename: mstre26.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | SySmstray

Command: c:\windows\mstre26.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [SySmstray] C:\windows\mstre26.exe

DDS Line:

mRun: [SySmstray] C:\windows\mstre26.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SySmstray”=c:\windows\mstre26.exe

Description: component of Koobface worm.

How to remove: use these Koobface removal instructions.

What is ld16.exe, How to remove ld16.exe

Friday, December 11th, 2009

ld16.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: ld16
Filename: ld16.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysldtray

Command: command
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysldtray] C:\windows\ld16.exe

DDS Line:

mRun: [sysldtray] C:\windows\ld16.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysldtray”=C:\windows\ld16.exe

Description: component of Koobface worm

How to remove: use these Koobface removal instructions.

What is pp13.exe, How to remove pp13.exe

Friday, December 11th, 2009

pp13.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: pp13
Filename: pp13.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | pp

Command: C:\Windows\pp13.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [pp] C:\Windows\pp13.exe

DDS Line:

mRun: [pp] C:\Windows\pp13.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“pp”=C:\Windows\pp13.exe

Description: component of Koobface worm.

How to remove: use these Koobface removal instructions.

What is freddy76.exe, How to remove freddy76.exe

Friday, December 11th, 2009

freddy76.exe is a harmful program.

remove It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: freddy76
Filename: freddy76.exe
Registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysfbtray

Command: C:\windows\freddy76.exe
Startup Type: HKLM->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKLM\..\Run: [sysfbtray] C:\windows\freddy76.exe

DDS Line:

mRun: [sysfbtray] C:\windows\freddy76.exe

Combofix/RSIT Line:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“sysfbtray”=C:\windows\freddy76.exe

Description: component of Koobface worm.

How to remove: use these Koobface removal instructions.