About YahDecode and How to remove it from Your PC

The Yahoo Message Archive Decoder program, also known as YahDecode, reads archived Yahoo Messenger files from a user’s PC. Yahoo Messenger files are automatically stored on a PC running the Yahoo Messenger program, but they are stored as .dat files. YahDecode converts these files into a format that can be easily read and allows you to save the files in rich-text format.

YahDecode can convert normal conversation messages, private messages, conferences, as well as SMS and mobile messages to both HTML and plain text. The decoder even includes relevant time stamps, smileys, fonts and formatting. Newer versions of the program allow

More »

FYEO Removal

FYEO is a RAT or Remote Administration Tool, an insidious application that has the capacity to completely shutdown the infected computer.  This particular malware poses a serious threat to the computer.  It can affect the functioning of your computer as well as putting the security of your confidential information at risk.

Frequently, an unsolicited email arrives in the user’s mail system and indicates that FYEO should be used for beneficial reasons.  The email is persuasive and appears innocent in nature.  Computer users install and run this application following the instruction in the email while under the impression that it is a helpful application. 

More »

Spyware is a major issue for anyone that uses the web, reads email, and generally connects to the Internet.

 There are obviously some activities that are considered higher risk than others, and if you regularly download shared files, freeware, or any documents from sources you do not know when you are putting yourself in danger. Protection typically comes in the form of antispyware software, although the more astute will combine this with a good firewall, an antivirus program, and the appropriate system and browser security settings. Knowing how and where you could potentially pick up a spyware infection can help to give you better knowledge of how to protect yourself.

Downloading Freeware

Freeware is, in short, free software. While there are many genuine freeware providers and applications, there are also a great many that are created and distributed by the more unscrupulous online elements. In order to profit from distributing free software, some individuals and organizations will include spyware with the software. When you download and install the free application you will be unwittingly installing spyware elements too. Some of these malicious applications may only record your browsing habits, but others can record and forward personal details such as credit and bank card details, and your log on details for subscription websites.

Downloading Shared Files

Peer-to-peer file sharing has become an extremely popular online pastime. Regardless of whether you are illegally downloading copyrighted material or not, you are almost certainly putting yourself and your system at risk. File sharing networks are another popular method of transmitting spyware. The more popular networks, such as KaZaA attract a lot of attention from users and the spyware creators take advantage of this. Some spyware worms are designed almost entirely to affect users of these networks. These worms will spread by placing themselves in your shared documents folder, and giving themselves an appealing name to attract others.

Network Connections

Being connected to an unsecured network could be your biggest downfall. A network connection with little or no security means that you could become inadvertently infected by another user on the same network. In this case, you could be as careful as possible when downloading files from the Internet but you could still become infected through no real fault of your own. If you share an Internet connection, or you are connected to any type of network, then you must ensure that either the network has a stable security structure, or that you take extra precautions on your own system.

Avoiding Spyware On Your System

The vast majority of spyware applications are designed to wreak havoc on Windows computers because this is the most popular operating system. Other platforms have gained some more interest from the creators of malicious software, but Windows is still the most widely attacked. It may seem like drastic action, but if you really want to minimize the amount of spyware and viruses that could potentially infect your system then consider changing system. The same is also true of the most popular web browsers and email clients; these are the programs that are targeted more often.

Fredisoft 1.1 Removal

Fredisoft 1.1 is a RAT or remote administration tool.  This Trojan enters through a security hole to gain unauthorized access to the computer for the purpose of gathering the  owner’s personal information.  It allows a remote attacker to gain control of the computer through a client on the attacker’s machine and a server on the infected computer. 

Fredisoft 1.1  is fully capable of recording and storing keystrokes in addition to other data.  Typically, it can become installed on the computer without the user’s knowledge that it is a harmful program.  It may remain resident for quite some time before it is discovered.

It is possible that it might have infected the computer through email or file sharing.  An email arriving at the user’s computer indicates that Fredisoft 1.1  should be used as a helpful application.  It is capable of starting up each time the computer boots up.

Fredisoft 1.1 takes up space on the hard drive and usurps the Internet bandwidth.  This can create sluggishness in your computer’s processing.  It is an insidious application that has the capacity to completely shutdown your computer.  Fredisoft 1.1 copies itself to your Windows installation folder, adding keys and files that allow it to operate each time the computer starts up.

It is best to remove Fredisoft 1.1 as soon as you discover it with an anti-spyware program that is up to date.  Additionally, other undesirable programs can be removed with this program.

Additionally, manual removal of Fredisoft 1.1 can be accomplished using the registry editor.  However, you can cause more harm than good if you don’t actually know what it is that you are doing during this long and tricky process.  Therefore, it is recommended that you hire a professional or at the very least create a back up of your computer’s files.

The Fredisoft 1.1 registry values, registry keys, DLL files, processes, and files need to be completely removed from the infected computer.  To delete each file, process, and key manually, complete the following set of directions. 
• Click Start.
• Click Run.
• Type ‘regedit’.
• Click ok to open the registry editor, referred to as regedit.
• Click my computer at the top of the box.
• Click edit.
• Click find.
• Type in the one of the keys or files in the following lists, and click find or find next.  Begin with the ones that do not start with HKEY, since these are more easily discovered and deleted.  Make sure that the box is checked in front of keys, values, and data, so that the regedit looks in the correct places.  Regedit should locate a key for you.  Right click on the key and delete it by clicking delete in the menu that appeared or on the keyboard.
• You will do this one file at a time.  After you delete each one, hit the F3 key on your keyboard to reopen the find next box.  Continue the process and delete additional bad registry files.
• Once regedit indicates that the search is finished, you should click on my computer in the regedit and redo the search to guarantee that you have deleted all possible bad files from this program.

Fredisoft 1.1 registry files:

explorer.exe
servidor.exe
tcliente.exe
leia-me!!!.txt

Detecting and deleting the Fredisoft 1.1 files or keys that begin with HKEY involve a more involved set of steps.  Use the following steps to manually delete the Fredisoft 1.1 values that start with HKEY.
• Click Start.
• Click Run.
• Type ‘regedit’.
• Click ok to open the registry editor, referred to as regedit.
• Click my computer at the top of the box.
• Follow the path given in each value, clicking each folder open to locate the next item in the path until you have reached the last item.  Once you have gotten to the last item, you can delete it.  Each slash indicates a new folder.
Fredisoft 1.1 registry values:

HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\
runservidor

To manually detect and delete the Fredisoft 1.1 processes, complete the following set of instructions.

• Click Start.
• Click Search.
• Click for files or folders.
• Type in the name of the file, one at a time, from the following list of Fredisoft 1.1 processes.
• Click search.
• Delete the found files.

Fredisoft 1.1 processes:

explorer.exe
systemroot+\servidor.exe
tcliente.exe

Freddy K Removal

Freddy K is a remote administration tool or RAT.  This Trojan enters through a security hole in the operating system to gain unauthorized access to personal information.  It is capable of recording and storing keystrokes.  Typically, it becomes installed on the computer without the user’s knowledge of its capability and remains resident for some time before its negative nature is discovered.

Download our recommended Spyware Scanner 

Freddy K is designed to allow the remote attacker to control the computer through a client on the remote attacker’s machine and the server on the infected computer.  It may infect the computer through email or file sharing. 

More »

FavoriteMan, a BHO, or Browser Helper Object takes over or hijacks your Internet Explorer browser. 

It replaces your homepage, the bookmarks in the browser, and creates desktop shortcuts.

It is capable of tracking the user’s browsing habits and using the information to issue targeted advertisements.  It can redirect the user’s searches to undesirable websites that may be pornographic in nature.

FavoriteMan is fully capable of reinstalling itself every time your computer boots up.  The program is an insidious threat to the infected computer, hogging the Internet resources and disrupting the processing of the computer, especially your Internet Explorer browser.

More »