Monday, December 31, 2007

Trojan Win32.Murlo - last 2007 fake trojan from Zlob family?

Trojan Win32.Murlo - we believe it's the last imaginary trojan horse generated by IEDefender and FilesSecure misleading programs. They show Trojan Win32.Murlo detection reports as their scan results to scare users and force to purchase "full" versions of this dummy anti-spywares.

Trojan.Win32.Murlo is a relentless malware infection that is the latest of the rogue anti-spyware programs on the net today. Initially, Trojan.Win32.Murlo will present a pop up box alerting the user to the following message:
“Critical System Error! Your computer was infected by Trojan.Win32.Murlo It’s dangerous for your system, some files can be lost and your browser can be slow! Click OK to download the antispyware program to clean your computer! (Recommended)”
The incessant pop-ups that Trojan.Win32.Murlo presents advertise for IEDefender which is a fake spyware application that causes even more damage to your system. Ultimately and like many other rogue anti-spyware infections, Trojan.Win32.Murlo tries to convince the user into purchasing a license for IEDefender and will not let up until you do. If you have the Trojan.Win32.Murlo infection on your PC, follow the link below for removal of this infection.
www.spywarenotice.com
Manual removal instructions for Win32.Murlo are the same as for Trojan.win32.BHO.aqz
You can remove Trojan Win32.Murlo and all other spyware using Spyware Doctor Premium anti-spyware with 100% free scan.



at 8:15 AM Posted by Roman 0 comments
Tags: , , , , ,

Friday, December 28, 2007

Trojan - Win32/Qoologic - new imaginary trojan from FilesSecure

Trojan - Win32/Qoologic - critical system error is a fake message generated by FilesSecure rogue to trick users into buying it's full version.
Trojan - Win32/Qoologic is an imaginary Trojan name used to threaten and trick users into buying the rogue anti-spyware application Files Secure . The user gets infected after downloading the video codec that infects the computer with a nasty Trojan. This Trojan then displays false warning messages stating "Your PC is infected by Trojan - Win32/Qoologic" and recommends to download the program (most probably Files Secure), which will "remove" this parasite. However, in real Files Secure will not fix your PC but might actually expose you to more security threats.
www.spywareremove.com
You can remover this dangerous parasite using Spyware Doctor spyware remover with free scan. Also you can try to use manual removal instructions (at your own risk).


Manual removal instructions - the same as for Trojan.win32.BHO.aqz.
at 4:14 AM Posted by Roman 0 comments
Tags: , , , ,

Sunday, December 23, 2007

Trojan.win32.BHO.aqz Removal - Trojan.win32.BHO variants

Trojan.win32.BHO.aqz (and variants) is a real trojan horse that often installs malicious toolbars using browser security backdoors. But some programs (IeDefender, Files Secure) displays Trojan.win32.BHO.aqz fake detection message as their scan\detection result. Trojan.win32.BHO.aqz may be also distributed by a new bogus codec.
You can repair your computer manually, but this may mean searching your PC’s folders and registry for hours for Trojan.win32.BHO.aqz hidden files. To save time, you can automatically scan your PC with Spyware Doctor for Trojan.win32.BHO.aqz and other spyware parasites.

Trojan.win32.BHO variants:
Trojan.Win32.BHO.zn
Trojan.win32.BHO.aqz
Trojan.win32.BHO.bfs
Trojan.Win32.BHO.hn
Trojan.Win32.BHO.g
Trojan.Win32.BHO.r
Trojan.Win32.BHO.abo
Trojan.win32.bho.hj
Trojan.Win32.BHO.ab
Trojan.Win32.BHO.bd
Trojan.Win32.BHO.DBU
Trojan.Win32.BHO.yr
Trojan.Win32.BHO.kd

Trojan.win32.BHO manual removal instructions:
Remove Trojan.win32.BHO.aqz registry values:
670ADC7B-89DC-4F88-98CC-2E3B
CF85F140
7E24E909-FB8A-4837-9DF7-05E7587CB26C
c4545fc9-26d0-4ccf-b4fb-728aed895dbd
E856E05E-1B91-4339-9EFC-9A3308CB5491
B3E45A9B-7756-46A2-AB14-90175CD374F9
BBB05D9E-0297-404D-A6BF-D8F2876B84A6
F9EAAA11-DF98-4615-A2C7-7D03C86A6BE9
69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014
A8565FBC-8D53-4D4F-9BB0-CBC68A22B126
43BA0532-0D69-458A-8C71-AD0F6AE70D19
62EA9201-8CC7-4199-AC30-7744F836322E
b166be07-30a4-4d38-b781-44528a630706
D17CFF74-A19C-4C36-821A-E074E4F889CA
202EBB90-ABD4-46CC-BB5A-4F0ECC67B331
15EB9F40-D775-4463-B75B-8687B3C66BB7
6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A
6A719349-BDF5-4268-9019-4ACA0C2562D2

Unregister and remove Trojan.win32.BHO.aqz dll's:
mscfg32.dll
windivx.dll
websrc32.dll
mlljh.dll
cjvy.dll
gqagksr.dll
esent9.dll
ttvbonvgl.dll
ssqppol.dll
pmspl.dll
urqnomm.dll
msvideo.dll
ecxwp.dll
stream32a.dll
vtssp.dll
at 5:44 AM Posted by Roman 0 comments
Tags: , , , , , ,

Friday, December 21, 2007

Leosrv toolbar - another Zlob BHO

Leosrv toolbar - is another Zlob related Browser helper object that may damage your computer and compromise your privacy and security. It is recomended to remove this malware from your PC.

To remove Leosrv toolbar manually unregister this registry subkeys:

HKCR\CLSID\{14E52265-CCA3-4F78-A21B-88F4EE6E78C1}
HKCR\Interface\{6E9078DA-0C69-47B0-9637-2734104BD217}
HKCR\TypeLib\{5328D226-7057-4B06-9E4A-7829BFA7CA78}
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{14E52265-CCA3-4F78-A21B-88F4EE6E78C1}
HKCR\leosrv.ToolBar.1\CLSID
{14E52265-CCA3-4F78-A21B-88F4EE6E78C1}
HKCR\leosrv.bkwo\CLSID
{14E52265-CCA3-4F78-A21B-88F4EE6E78C1}
HKCR\leosrv.ToolBar.1
HKCR\leosrv.bkwo

Use Spyware Doctor antispyware to remove Leosrv toolbar automatically:


Leosrv toolbar remover with free scan

The Leosrv Toolbar is another clone of all the previous Zlob virus toolbars. Same function as the previously named The Voipwet Toolbar. Common distribution method of The Leosrv Toolbar is by the Smart Video Codec trojan. The Leosrv Toolbar displays fakes alerts, warnings and links to rogue anti-spyware products. Four icons and text are present within The Leosrv Toolbar – Remove Popups, Scan Spyware, Security Test, & Spam Protection. All icons lead to rogue security products.
www.spywarenotice.com

at 5:29 AM Posted by Roman 2 comments
Tags: , , , , ,

Tuesday, December 18, 2007

VirusProtect review. How to remove VirusProtect infection?

This summary is not available. Please click here to view the post.
at 1:25 PM Posted by Roman 0 comments
Tags: , , ,

Friday, December 14, 2007

Trojan.Win32.LinkReplacer - new fake trojan

Trojan.Win32.LinkReplacer is the latest warning message to be displayed via the IE Defender rogue anti-spyware. Trojan.Win32.LinkReplacer - is threat that replaced Trojan.Win32.Obfuscated and Trojan.win.32.agent.akk.


The manual removal process is the same as Trojan.Win32.Obfuscated (previous post)
We recomend to use automatical removal tool (Spyware Doctor) - legistimate and powerful spyware cleaner. It will easily remove Trojan.Win32.LinkReplacer and other threats.
at 1:58 PM Posted by Roman 0 comments
Tags: , , , ,

Wednesday, December 12, 2007

Trojan.Win32.Obfuscated Removal

Trojan.Win32.Obfuscated new dangerous trojan horse that may compromise your privacy and security.
"Trojan.Win32.Obfuscated is a relentless malware infection that is the latest of the rogue anti-spyware programs on the net today. Initially, Trojan.Win32.Obfuscated will present a pop up box alerting the user to the following message: “Your browser was infected by Trojan.Win32.Obfuscated.gx You need to clean your system immediately, in other case it can be crashed soon! Click OK to download the high-tech anti spyware protection software! (Recommended)” The incessant pop-ups that Trojan.Win32.Obfuscated presents advertise for IEDefender which is a fake spyware application that causes even more damage to your system. Ultimately and like many other rogue anti-spyware infections, Trojan.Win32.Obfuscated tries to convince the user into purchasing a license for IEDefender and will not let up until you do. If you have the Trojan.Win32.Obfuscated infection on your PC, follow the link below for removal of this infection."
www.spywarenotice.com

Automatical Removal Tool:

Read more »
at 10:12 AM Posted by Roman 0 comments
Tags: , ,
Subscribe to: Posts (Atom)