Freddy70.exe (Freddy70) Worm Virus File Removal

	Freddy70.exe is a dangerous file which creates activities on a user’s computer which may be highly undesirable. This file is unsafe.

Threat Name: Koobface Worm (Click Here To Learn More)
Type: Computer Worm (Click Here To Learn More)
Location: C:\WINDOWS\Freddy70.exe (Click Here To Learn How To Locate)
Risk Level: Moderate (Learn More About Risk Levels)

Freddy70.exe is another variant of the koobface worm. The koobface worm is spread through social networks online. The koobface worm has the ability to send information to a remote location on the web. Below is our recommended removal tool for Freddy70.exe. The removal tool has been rated 5 cows out of 5 by Tucows and was previously CNET’s Editor’s Choice. Feel free to download it below.

Manual Removal – Freddy70.exe may be removed through analyzing your HijackThis log. Feel free to post your hijackthis log below if you need assistance analyzing it. Hijackthis will be ideal to manually remove the virus

Click Here To Learn About HijackThis. To download HijackThis, please click HERE.

Freddy70.exe File Details -
File Type – EXE – Freddy70.exe is a executable file
First Identified – Oct 13 2023
Possible Future Variants – Freddy71.exe Freddy72.exe Freddy73.exe Freddy74.exe Freddy75.exe

Common Questions -
1. What is a computer virus? (Click Here To View)
2. How did I get this computer virus? (Click Here To View)
3. What common symptoms show that my computer may be infected? (Click Here To View)
4. What are some antivirus and antispyware programs which I can use to remove viruses and spyware? (Click Here To View)
5. What is the koobface worm? (Click Here To View)

We recommend that you follow our safety tips so that you can keep your computer clean. Please click here to view our safety tips

Please post comments below. Your comments are both useful to visitors and to us.

Posted in: Malware Removal |

This entry was posted on Wednesday, October 14th, 2023 at 2:30 am and is filed under Malware Removal. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Freddy70.exe (Freddy70) Worm Virus File Removal”

Logan October 19th, 2023 at 2:40 am

Need help! Found Freddy70.exe on my PC, deleted it, but still having problems. It seems that there is a browser hijacker that redirects my searches to toseeka.com, tanzinga, and other random locations. If someone could look at my HJT log, it would be much appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 10:37:30 PM, on 10/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\sYSteM32\SvchOst.eXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 – BHO: Spybot-S&D IE Protection – {53707962-6F74-2D53-2644-206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O4 – HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 – HKLM\..\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 – HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 – HKLM\..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 – HKLM\..\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 – HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKCU\..\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
O4 – Startup: OneNote 2023 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra ‘Tools’ menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 – Extra button: (no name) – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O9 – Extra ‘Tools’ menuitem: Spybot – Search && Destroy Configuration – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O10 – Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 – DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) –

Name (*) :

Email (*) :

URL :

Comment (*) :

Categories

Browser Hijacker

Computer Help

Computer News

How-To Guides

Malware Removal

Rogue Application Removal

Safe File

Suspicious File

Suspicious Websites

Uncategorized