Conflicker.B Infection Alert. How to remove? (Uninstall guide)

removal by Lucia Danes - -   Also known as Conflicker.B Infection Alert spam | Type: Adware
12

Once again the “Conflicker.B Infection Alert” spam campaign has started. The same campaign was seen earlier this year. The scheme remains the same but the e-mail is a bit modified and written is several different languages. Basically, a person gets an email with Conflicker.B Infection Alert in subject from Microsoft Windows Agent (supposedly from Microsoft’s Computer Safety Division). The fake message has an attachment. Usually, it is a file called install.zip (29.66KB), however please note that the file name may vary. The message states:

From “Microsoft Windows Agent”
Subject Conflicker.B Infection Alert

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division

Most importantly, do not download and open install.zip file. It contains a Trojan virus (install.exe file) which displays fake security alerts and notifications about serious system security threats and infections. The fake notification reads:

Your computer is infected!
Windows has detected spyware infection!
It is recomended to use special antispyware tools to pervent data loss.Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware!

Finally, the Trojan installs the rogue security application called Antivirus Pro 2010 on the compromised computer. It imitates system scan and reports false scan results to make you think your computer is badly infected. The main goal of this malware is to trick your into purchasing the program.

Antivirus Pro 2010 graphical user interface

If your computer is infected with this parasite, please use the removal guide below to remove Antivirus Pro 2010 and related malware including Conflicker.B Infection Alert Trojan from your PC. Also we strongly recommend you to scan your computer with a reliable anti-spyware application just to make sure there are no other viruses on your computer.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Conflicker.B Infection Alert you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Conflicker.B Infection Alert. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

Conflicker.B Infection Alert manual removal:

Kill processes:
seres.exe

svcst.exe

lizkavd.exe

Delete registry values:
HKEY_LOCAL_MACHINESOFTWAREAntivirusPro_2010

HKEY_LOCAL_MACHINESOFTWAREMicrosoftESENTProcesslizkavd

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAntivirusPro_2010

HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations "LowRiskFileTypes" = "zip;.rar;.cab;.txt;.exe;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mov;.mp3;.wav"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations "SaveZoneInformation" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer "ForceClassicControlPanel" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "CheckExeSignatures" = "no"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "mserv"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "svchost"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftESENTProcesslizkavd

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "Antivirus Pro 2010"

Delete files:
seres.exe

svcst.exe

lizkavd.exe

About the author

Lucia Danes
Lucia Danes - Virus researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author