Website Widget

By George Norman

Added on 21 Oct 2009(592 Views)

classification: Spam
A new spam campaign is making the rounds, warning users about a Conflicker.B Infection. The spam message pretends to be a warning message from Microsoft that advises users to download the attached file in order to keep their system protected a new variant of the Conflicker worm. It goes without saying that you should ignore these spam messages; it also goes without saying that you should not download the attachment.
Here is how the spam message looks like:

Subject: Conflicker.B Infection Alert
Attached file: install.zip
Message body:

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division

The email’s attachment is a ZIP file that contains a file called install.exe. If you run the install.exe file you will let a Trojan loose on your system. This is what will happen:

• The settings of Internet Explorer will be changed so that it will run files considered risky
• You will be presented with phony security warnings like this one (the spelling mistakes are real - see image above): Your computer is infected! Windows has detected spyware infection!
  It is recomended to use special antispyware tools to pervent data loss.Windows will now download and install the most up-to-date antispyware for you.
  Click here to protect your computer from spyware!
• Rogue antispyware program Antivirus Pro 2010 will be installed on your machine.

Automatic removal guide
Step 1. If you have a printer, make sure to print out this tutorial. If you do not have a printer, save this tutorial, go out to a copy center and print it out there. If you do not have a printer and do not want to go out, then use the pen and paper method: grab a pen and a piece of paper and write down the instruction presented in the steps below. In the process of eliminating Conflicker.B Spam Trojan from your machine you will need to shut down the browser. And since this will also shut down the tutorial, you need to know what you should do next.

Step 2. You will have to install Malwarebytes’ Anti-Malware. In this regard you need to download the software’s setup executable. Just click this link and save the .exe file on your computer (preferably on your desktop).

Step 3. Double click the Malwarebytes’ Anti-Malware setup executable. It should be on the desktop under the name mbam-setup. This will launch the installation process. If you already know how to install a piece of software, proceed to step 4. If you do not know how to do this, we’ll walk you though it all:



- The Select Setup Language window should have popped up. By default, the language in which the software will be installed is set to English, but you can change this. The software provides support for 30+ languages. After selecting the language of your choice, click OK. It would be best to just leave it set to English though.



- The Malwarebytes’ Anti-Malware Setup Wizard will now popup. Just click Next.



- You will be presented with the License Agreement. Click I accept the agreement and then click Next. If you do not accept the agreement you will not be able to continue.



- Keep clicking Next until you get to the Ready to install window. Now click Install. After the installation process completes click Finish. Do not uncheck the boxes next to Update Malwarebytes’ Anti-Malware or Launch Malwarebytes’ Anti-Malware.















Step 4. The Malwarebytes’ Anti-Malware application will launch automatically. The Perform quick scan option should be checked by default – if it isn’t then check it and then click Scan. You are well advised to close all running apps before clicking scan. This will ensure the scan for Conflicker.B Spam Trojan will complete swiftly.



Malwarebytes’ Anti-Malware will start scanning your files for signs of Conflicker.B Spam Trojan. This may take a while, so be patient. It all depends on how powerful your computer is and how many files Malwarebytes’ Anti-Malware has to scan.



When the scan for Conflicker.B Spam Trojan is complete you will be presented with a notification box. Click OK to close the notification box and go to the main Scanner screen. Click Show Results and you will be presented with a list of all the infected files Malwarebytes’ Anti-Malware has detected.





Step 5. Click Remove Selected and Malwarebytes’ Anti-Malware will remove all the infected files it has detected. It may be necessary to restart your computer in order to remove some of these files. After Malwarebytes’ Anti-Malware is done removing all the infected files, it will open Notepad and present the scan log to you. You can review the log at your leisure – save it If you want.



Step 6. Close Malwarebytes’ Anti-Malware and you’re done. No traces of Conflicker.B Spam Trojan should be left on your computer.

Manual removal guide

Using Task Manager, shut down and remove the processes:



Access the Windows Registry Editor and delete the following registry keys:



Locate and delete the following files:





Don't forget to:

Tags:

Link to this article:

Add comment:

Top Downloads

Copyright © FindMySoft.com 2005-2011
0.014 s