Friday, March 10, 2006

How to remove Bravesentry

BraveSentry is a rogue anti spyware program that is known to issue fake warnings on your computer in order to manipulate you into buying its full commercial version.
Bravesentry is a clone of infamous SpywareStrike, Spyaxe, Spysheriff, Spytrooper.
Click here for Bravesentry removal instructions

Friday, February 03, 2006

How to remove BlackWorm, W32.Blackmal.E@mm

Blackworm Virus is a nasty Internet worm that spreads by e-mail via messages with infected attachments. The user can accidentally infect a computer by opening a malicious e-mail attachment or running an infected executable file.Blackworm is an extremely dangerous and rapidly spreading Internet worm.
Blackworm is also known as Nyxem.e, Nyxem.d, Blackmal.e, Mywife.d and KamaSutra worm.
It deletes essential executables and library files related to popular antiviruses and other security-related programs and some file sharing applications. All this corrupts installed software and compromises system security. On the third day of every month, Blackwork destroys all text documents (.doc, .pdf), spreadsheets (.xls), presentations (.ppt, .pps), databases (.mdb, .mde), archives (.rar, .zip), images (.psd) and memory dumps (.dmp) it finds in the compromised system. This may lead to catastrophic data losses.
Black worm Virus is a very high risk threat and should be removed immediately to prevent harm to your computer and your privacy.
Automatic Blackworm removal Tool
Blackworm manual removal:
Kill processes: movies.exe, new winzip file.exe, rundll16.exe, scanregw.exe, update.exe, winzip.exe, winzip_tmp.exe, zipped files.exe.

Monday, January 16, 2006

How to remove (uninstall) SpyAxe

SpyAxe is an anti-spyware application that may be distributed and installed without a user's knowledge or consent. The installed application functions up to the point when a user wants to remove a found infection, at which point the software requires purchase. The software may falsely alarm about infections, even prior to conducting a scan.
The trojan that has downloaded and installed Spyaxe is detected as Trojan-Downloader.Win32.Zlob. It has lately been masked as a Video Codec.
Click here for SpyAxe removal help

Saturday, January 14, 2006

How to remove the Aurora, Nail.exe, Epolvy Hijackers

Nail.exe is a compotent of Direct Revenue's spyware program Aurora.
Nail.exe is a is a hijacker which means it will intermittently change your Internet Explorer settings or Desktop to the link of it's author's sponsors. This program is usually installed through consent, however is sometimes packaged as another product. Aurora.exe is an advertising program by Aurora. This process monitors your browsing habits and distributes the data back to the author's servers for analysis. This also prompts advertising popups.
Click here for Nail.exe Aurora removal instructions

Tuesday, January 10, 2006

How to remove CWS Hijacker

CWS is a trojan that hijacks Internet Explorer start and search settings to one of several different web sites (see below). Most of these web sites appear to have an affiliate relationship with coolwebsearch.com in which coolwebsearch pays them for every visitor they refer. There could be other domains involved in the future.
This hijack is similar to the datanotary.com hijack discovered last month. As with datanotary, the CWS hijack sets Internet Explorer to use a custom style sheet containing javascript that opens a pop up window. In fact, we believe the trojan involved with CWS is an updated version of the same malware involved with datanotary.
In the original variant, the start and search settings were changed to an address in which the letters are converted into an unreadable mess of numbers and % symbols to hide the domain name from the user. It also made it difficult to blacklist the domain. Internet Explorer is able to translate the symbols and load the hijacker’s web site.
An executable file named bootconf.exe is copied to the \windows\system32\ folder and set to load at startup. Even if you fix the hijack, this file will reinstall it the next time it is loaded.
This trojan is detected by Computer Associates antivirus products under the following names:
Win32.Startpage.C
JS.CSSPopup.B,
JScript/IEstart.Trojan,
Win32/IEstart.Trojan
Click here for CWS Hijacker removal instructions

Thursday, January 05, 2006

How to remove WebHancer

WebHancer is a process started at Windows startup that monitors web sites being viewed and sends performance data on them back to webHancer's servers. WebHancer conflict with Microsoft IIS - causes problems with ASP scripts . It causes server script ASP pages to not work at all when the web application settings are in medium and high isolation modes.
Automatic WebHancer removal Tool