 | Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here! |
How to remove Conflicker.B spam-trojan (Uninstall instructions)
Conflicker.B spam-trojan is a trojan that installs Antivirus Pro 2010 (rogue antispyware program) and displays fake security alerts on compromised computer. This trojan infects computers via spam emails with header “Conflicker.B Infection Alert”. The contents of the SPAM email is:
Dear Microsoft Customer,
Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.
To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.
Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.
Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division
The email contains an attachment named “install.zip”. The zip file contains a file called install.exe that a trojan-downloader. Once install.exe is run, it will display a lot of fake security alerts that says “Windows has detected an infection” and will download and install the fake security program (rogue antispyware) called Antivirus Pro 2010.
It is important to know that Antivirus Pro 2010 is fake, does not offer any protection to computer and uses false scan results, fake security alerts, nag screens in order to scare you to buy the paid version of the software. If your computer is infected, then use these removal instructions below, which will remove Conflicker.B spam-trojan, Antivirus Pro 2010 and any other infections you may have on your computer for free.
Continue reading How to remove Conflicker.B spam-trojan (Uninstall instructions)…
How to remove msivxserv.sys trojan (Google redirect virus)
MSIVXserv.sys trojan is a new hidden trojan/rootkit from DNSChanger trojan family. The trojan uses rootkit-specific techniques designed to hide the software presence in the system. Once infected it blocks user access to security websites, blocks Spybot, AdAware, AVG, Superantispyware and Malwarebytes Anti-malware. Search results in Google, Yahoo, MSN and other redirects you to other non related sites.
Also msivxserv.sys trojan changes the DNS server options to the following fixed IPs: 85.255.112.95, 85.255.112.171, 85.255.112.204, 85.255.112.90.
Use the free instructions below to remove msivxserv.sys trojan and any associated malware from your computer.
Continue reading How to remove msivxserv.sys trojan (Google redirect virus)…
Remove google redirect to IX-Find.com (Remove koobface and podmena.sys trojans)
In the past few days, many Myspace and Facebook users spammed with a message that have a link to a video. After clicking on this link a site opens that asking user to download an adobe flash update, which in reality is a malware (koobface and podmena trojans). When these Trojans are installed, computer works slowly, shows pop ups and program errors. Also, when attempting google searches, browser redirects to a web site ix-find.com. Use the free removal instructions below in order to remove ix-find.com malware and any other trojan infections.
Continue reading Remove google redirect to IX-Find.com (Remove koobface and podmena.sys trojans)…
How to remove gxvxcserv.sys trojan (google redirect virus)
gxvxcserv.sys trojan is a fresh version of W32.Tidserv trojan also known as Trojan-Downloader.Win32.Agent.brpo, that may represent security risk for the infected computer. The trojan uses rootkit-specific techniques designed to hide the software presence in the system.
Once infected it blocks user access to security websites, search results in Google, Yahoo, MSN and other redirect you to other non related sites. Also gxvxcserv.sys trojan changes the DNS server options to one of the following fixed IPs: 85.255.112.156, 85.255.112.129, 85.255.112.70,85.255.112.127.
gxvxcserv.sys trojan spreads by copying itself to all removable drives as %DriveLetter%\resycled\[random name].com, after that the trojan creates %DriveLetter%\autorun.inf file on all removable drives so that it executes whenever the drive is accessed.
Continue reading How to remove gxvxcserv.sys trojan (google redirect virus)…
How to remove Google searches redirect/vimax ads [gaopdxserv.sys trojan]
Google/Yahoo/MSN searches redirect is a result of gaopdxserv.sys trojan activity (variant of TDSSserv trojan family). The trojan horse may represent security risk for the infected computer and uses rootkit-specific techniques designed to hide the software presence in the system.
Once infected, gaopdxserv.sys trojan blocks user access to security websites, search results in Google, Yahoo, MSN and other redirect you to non related sites. Vimax pills banner ads are popping up on some sites, include security sites. Also the trojan spreads by copying itself to all removable drives as %DriveLetter%\resycler\[random].com, after that the trojan creates %DriveLetter%\autorun.inf file on all removable drives so that it executes whenever the drive is accessed.
Continue reading How to remove Google searches redirect/vimax ads [gaopdxserv.sys trojan]…
How to remove Google searches redirect virus 7.7.7.0 (remove Rootkit.Win32.Agent.fwt)
Redirect to 7.7.7.0 is a result of wdmaud.sys trojan/rootkit activity. Once infected, google results redirected you to junk/scam sites. You can see the waiting for 7.7.7.0 in the bottom of the browser. It is caused by the file C:\Windows\system32\wdmaud.sys (reported as Rootkit.Win32.Agent.fwt). The legitimate wdmaud.sys actually exists at C:\Windows\system32\drivers\. Use the free instructions below for removing the wdmaud.sys trojan/rootkit from your computer.
February 19, 2009 on 5:54 am | In Trojan, Tutorials - HowTo | 4 Comments |How to remove windowsclick.com redirect [UACd.sys trojan]
Redirect to windowsclick.com site is a result of UACd.sys trojan activity. The trojan horse may represent security risk for the infected computer and uses rootkit-specific techniques designed to hide the software presence in the system.
Once infected, UACd.sys trojan blocks user access to security websites, search results in Google, Yahoo, MSN and other redirect you to windowsclick.com and other non related sites.
Continue reading How to remove windowsclick.com redirect [UACd.sys trojan]…
How to remove msqpdxserv.sys trojan (trojan tidserv)
Msqpdxserv.sys trojan also known as W32.Tidserv is a trojan horse that may represent security risk for the infected computer. The trojan uses rootkit-specific techniques designed to hide the software presence in the system.
Once infected it blocks user access to security websites, web pages have a “VIMAX” ad that appears which links thru a b12.adv.net site, search results in Google, Yahoo, MSN and other redirect you to other non related sites. Also Msqpdxserv.sys trojan changes the DNS server options to one of the following fixed IPs: 85.255.115.156, 85.255.112.87, 85.255.115.50, 85.255.112.154.
Msqpdxserv.sys trojan spreads by copying itself to all removable drives as %DriveLetter%\resycled\boot.com, after that the trojan creates %DriveLetter%\autorun.inf file on all removable drives so that it executes whenever the drive is accessed.
Continue reading How to remove msqpdxserv.sys trojan (trojan tidserv)…
How to remove Win32.BackDoor-DNM, Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G (Fake Security Center Alert)
If you are seeing a Security Center Alert that is stating that Windows Firewall has blocked activity of harmful software (Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G, Win32.BackDoor-DNM), then you have become infected with a trojan that uses this Security Center Alert to trick you into purchasing Perfect Defender 2009 or another rogue antispyware program. Once running, this trojan will display a fake security center alerts that tells you:
Security Center Alert
To help protect your computer, Windows Firewall has blocked activity of harmful software.
Do you want to block this suspicious software?
Name: Spyware.ISpynow
Risk Level: High
Description: iSpynow is a Spyware program that records keystrokes and takes screen shots of the computer, stealing personal financial information.
Security center alert
To help protect your computer, Windows firewall has blocked some features of this program.
Do you want to block this suspicious software?
Name: win32.zafi.b
Risk Level: High
Security Center Alert
To help protect your computer, Windows Firewall has blocked
some features of this program.Do you want to block this suspicious software?
Name: Win32.BackDoor-DNM
Risk Level: High
Description: DNM is a worm trojan program that records keystrokes and takes screen shots of the computer, stealing personal financial information.
If you are clicking on the enable protection button, then opens up a site asking you to download rogue antispyware program (Perfect Defender 2009) or another rogue antispyware software.
Continue reading How to remove Win32.BackDoor-DNM, Spyware.ISpynow, win32.zafi.b, Win32.Netsky.Q, Trojan.Zlob.G (Fake Security Center Alert)…
How to remove brastk.exe/karna.dat trojan (FakeAlert trojan)
brastk.exe/karna.dat are two main components of trojan (trojan.fakealert) that may represent security risk for the infected computer. The trojan.fakealert uses rootkit techniques designed to hide the software presence in the system and also blocks user access to security websites. Once running, this trojan will display a red circle with a white X in your taskbar and a fake security alerts that tells you to install a rogue antispyware application to delete the infection.
Your computer is infected!
Windows has detected a spyware infection!
It’s recommended to use special antispyware tools to pervent (sic) data loss.
Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware!
These alerts are a fake and should be ignored!
Continue reading How to remove brastk.exe/karna.dat trojan (FakeAlert trojan)…
« Previous Page — Next Page »
Malware Removal:
- Remove antispyjob.com browser hijacker
- How to remove AWM Antivirus (Uninstall instructions)
- How to remove antivirspace.com browser hijacker
- How to remove antivirlock.com browser hijacker
- How to remove antivirmars.com browser hijacker
- How to remove Advanced Security Tool 2010 (Uninstall instructions)
- How to remove Red Cross Antivirus (Uninstall instructions)
- How to remove AVDefender 2011 (Uninstall instructions)
- How to remove fake Microsoft Security Essentials Alert
- Remove antivirdial.com browser hijacker
Recent Forum Posts:
- Buy Avapro Online Without Prescription | Buy Avapro No Rx
- Antimalware Doctor - help!
- Virus pretending to be Microsoft internat explorer
- Antimalware Doctor
- Security Suite Virus - Unable to start computer
- exact same problem removed antimalware doctor, can't get online
- Malwarebytes removed antimalware doctor, can't get online
- Google redirect: HiJackthis log (at wits end)
- MBAM_ERROR_ADD_TO_RESULTS (0,6)
- Antimalware doctor won't let me run HijackThis...
Recent Comments:
- God!! youre a life saver! i mean pc saver!...
- Derek, what shows your browser when you trying to...
- Adrienne, download HijackThis from ...
- Joey, start a new topic in our Spyware removal for...
- Amjad, download the suggested programs above to an...
- luke, what shows you PC when you trying run any ap...
- Eva, try the following: rename the core Malwareby...
- Then you need to download the suggested programs a...
- mark, probably you have clicked to a google ads. U...
- DA, you are logged as Administrator ?...
Categories:
Archives:
- September 2010 (3)
- August 2010 (21)
- July 2010 (9)
- June 2010 (11)
- May 2010 (11)
- April 2010 (7)
- March 2010 (19)
- February 2010 (20)
- January 2010 (26)
- December 2009 (26)
- November 2009 (23)
- October 2009 (26)
- September 2009 (18)
- August 2009 (12)
- July 2009 (10)
- June 2009 (10)
- May 2009 (7)
- April 2009 (18)
- March 2009 (21)
- February 2009 (15)
- January 2009 (13)
- December 2008 (7)
- November 2008 (15)
- October 2008 (14)
- September 2008 (10)
- August 2008 (5)
- July 2008 (3)
- June 2008 (4)
- May 2008 (5)
- April 2008 (1)
- March 2008 (4)
- February 2008 (3)
- January 2008 (2)
- December 2007 (7)
- November 2007 (27)
- October 2007 (4)
- July 2007 (2)
- June 2007 (3)
- April 2007 (1)
- March 2007 (6)
- February 2007 (6)
- December 2006 (1)
- November 2006 (2)
- October 2006 (7)
- September 2006 (2)
- August 2006 (10)
- July 2006 (7)
- June 2006 (22)
- May 2006 (18)
- April 2006 (12)
- March 2006 (24)
- February 2006 (33)
- January 2006 (52)
- December 2005 (50)
- November 2005 (66)
Help by linking to us:
- MyAntiSpyware needs your support. Please make a link from your site to us.
Use the button:
Bookmark Us:
My Anti Spyware - Free antispyware programs and Spyware Removal Instructions.