NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Conflicker.B Infection Alert
. Description and removal instructions

 
Title: Conflicker.B Infection Alert

 Also known as: Conflicker.B Infection Alert spam
Type: Adware
Severity scale:Conflicker.B Infection Alert severity is 35  (35 / 100)
 
Once again the "Conflicker.B Infection Alert" spam campaign has started. The same campaign was seen earlier this year. The scheme remains the same but the e-mail is a bit modified and written is several different languages. Basically, a person gets an email with Conflicker.B Infection Alert in subject from Microsoft Windows Agent (supposedly from Microsoft's Computer Safety Division). The fake message has an attachment. Usually, it is a file called install.zip (29.66KB), however please note that the file name may vary. The message states:


From "Microsoft Windows Agent"
Subject Conflicker.B Infection Alert

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division


Most importantly, do not download and open install.zip file. It contains a Trojan virus (install.exe file) which displays fake security alerts and notifications about serious system security threats and infections. The fake notification reads:


Your computer is infected!
Windows has detected spyware infection!
It is recomended to use special antispyware tools to pervent data loss.Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware!


Finally, the Trojan installs the rogue security application called Antivirus Pro 2010 on the compromised computer. It imitates system scan and reports false scan results to make you think your computer is badly infected. The main goal of this malware is to trick your into purchasing the program.

Antivirus Pro 2010 graphical user interface

If your computer is infected with this parasite, please use the removal guide below to remove Antivirus Pro 2010 and related malware including Conflicker.B Infection Alert Trojan from your PC. Also we strongly recommend you to scan your computer with a reliable anti-spyware application just to make sure there are no other viruses on your computer.

FORUM:
Discuss Conflicker.B Infection Alert in
spyware removal forum

Related files: seres.exe, svcst.exe, lizkavd.exe

Conflicker.B Infection Alert properties:
• Changes browser settings
• Shows commercial adverts
• Stays resident in background

Automatic Conflicker.B Infection Alert removal:

remover for Conflicker.B Infection Alert

Conflicker.B Infection Alert manual removal:

Kill processes:
seres.exe svcst.exe lizkavd.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\AntivirusPro_2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\lizkavd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntivirusPro_2010
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = "zip;.rar;.cab;.txt;.exe;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mov;.mp3;.wav"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "ForceClassicControlPanel" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "mserv"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "svchost"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\lizkavd\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Antivirus Pro 2010"
HELP:
how to remove registry entries

Delete files:
seres.exe svcst.exe lizkavd.exe
HELP:
how to remove harmful files

Other programs to remove Conflicker.B Infection Alert:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 20/10/09
Information updated: 20/10/09

Additional resources related to Conflicker.B Infection Alert:

Attention: If you know or you have a website or page about Conflicker.B Infection Alert
removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Conflicker.B Infection Alert parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.