Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Win32.Softomate recreates itself in the registry

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 4 posts
My ZoneAlarm has detected Win32.Softomate [trojan] but it keeps on recreating itself after deletion. I have to date deleted it 7 times total. I recently downloaded this program which i should've know better not to download [i thought it was a neat archive] :


[the .exe file was named "681_Fonts_for_Web_Design.exe"]

The connection speed during the download was erratic and looked like someone was stealing my bandwidth somehow?? [btw it was from a russian site]. Anyhow, to get the download done faster, i used flashget.

After dble-clicking the .exe file it showed an install window w/ about 5-6 lines of just question marks substituting in effect the words that constituted the install notes; i guess i didn't have the right language setting ? so it just showed lines of ????????????????? then another 5 lines of question marks.

After cancelling the install before anything could be extracted, [i'm guessing*] the damage was already done, though i'm still not sure if the suspicious .exe file is actually responsible for the Win32.Softomate trojan.

I've not yet run any of the scans in safe mode yet.
haven't turned off-then-on again System restore yet.
haven't deleted everything in my \windows\temp folder yet.

i've ran the following scans:
TrendMicro online scan
Ewido full scan
AVG full scan
Spybot s&d
Lavasoft se
Trojan hunter
spyware blaster

when i run ccleaner i get this error

Runtime error '0'



Edited by rob78901, 02 September 2006 - 04:53 AM.

  • 0


Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP