WebCom is an Internet Explorer Browser Helper Object )BHO). WebCom typically generates pop-up advertising, and tracks your online and Internet activity. WebCam may also redirect your search requests, and modify your browser settings and homepage.

Posted on March 17, 2008 in Browser Helper Object

How To Remove Cookies

Internet Cookies are files containing text that a web server stores on a computer users hard drive allowing a website to store pieces of information that it can retrieve later. A malicious cookie or tracking cookie, is very similar to a regular cookie only it is used to track internet activities with the intent of doing harm to a system or steal personal data. A cookie is not a program and therefore it is not able to run like other applications that may be installed on a computer. Cookies are stored in a location designated by your web browser application. If a user visits a malicious website, then their system is susceptible to becoming infected with a spyware parasite or tracking cookie. Normally, in the case of a malicious or tracking cookie infection, they can be used to compromise a computer users privacy by tracking online...

Posted on March 15, 2008 in Tutorials

Preview Unlocked 1.0

Preview Unlocked 1.0 is a Remote Remote Administration Tool which is a specific type of hacker spyware that enables the hacker to gain remote access control over the user's PC. This is achieved by the hacker infecting the PC via e-mail or File and Print Sharing. The hacker then uses a "server" which allows him to connect through a "client" on the hacker's own computer. Preview Unlocked 1.0 can be quite malicious as it has the ability to steal vital personal information from the user as well as delete important files. This application may also crash the user's system. Preview Unlocked 1.0 may take screen shots of the user's online activity and log keystrokes. Preview Unlocked is difficult to detect as it remains hidden as it operates.

Posted on March 14, 2008 in Remote Administration Tools

How to Backup and Restore Windows Registry

Your Windows registry stores important information about your computer including instructions that allow applications to function. The registry knows what kind of hardware you have, what software is installed, and how you have setup Windows. Backing it up when your computer is running well can be very useful if you ever run into problems. If you are unable to figure out why your computer is crashing, you can try restoring your registry. Why? If your computer is crashing and you are unsure as to why, then restoring a recent working registry can be very helpful and will often fix your problems. However, it is important to first back up your Windows registry before starting the process of restoring it. How to Backup the Windows Registry (Windows XP) There are many ways to back up the Windows Registry. The process listed below is the most...

Posted on March 12, 2008 in Tutorials


The Sonic Worm spreads through email with the subject: Choose your poison or I am your poison and no body text. The infected email attachment can be either girls.exe or lovers.exe. The Sonic Worm is activated by opening the infected attachment. The Sonic Worm displays a message containing one of the following text: Girls.exe is not a valid Win32 application. Or Lovers.exe is not a valid Win32 application. The Sonic Worm replicates itself under the Windows/System directory as GDI32.exe and changes the registry entry at the following location: HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run If the user detects a program with the name gdi32a.exe, it is likely that the PC is infected with the Sonic Worm. Sonic Worm performs a number of malevolent acts such as stealing data from the user's PC (such as passwords, credit card...

Posted on March 12, 2008 in Worms


Anquiro is a third party Internet Explorer toolbar which monitors the user's web browsing activities. Anquiro hijacks the browser home page and modifies the Windows registry. By monitoring the user's web browsing activities, Anquiro generates commercial pop-up ads targeted to the browsing habits of the user. Anquiro must be installed manually. The user should run reliable anti-spyware software to detect and remove Anquiro immediately.

Posted on March 12, 2008 in Browser Plugins


AdRotator is adware that may launch pop-up advertisements onto your computer's desktop. AdRotator may also monitor your online and internet activity, placing your personal and financial information at great risk. AdRotator can be bundled with Spediabar Trojan.

Posted on March 9, 2008 in Adware


AntiSpywareMaster, AntiSpyware Master or AntiSpywareMaster.com is a malicious and rogue anti-spyware application. AntiSpywareMaster may be installed with the help of Trojans and other malware from the AntiSpywareMaster.com website. AntiSpywareMaster is designed to display deceptive warning messages stating that the user's computer is infected to sell its product. AntiSpywareMaster comes from the same makers of AntispywareDeluxe.

Posted on March 8, 2008 in Rogue Anti-Spyware Program


Do you have WinErrorFixer? This "WinErrorFixer Removal Guide" article will show you how to identify and remove WinErrorFixer. This guide will be updated as more information is available. WinErrorFixer Detection Test  Run SpyHunter’s Spyware Scanner to check for WinErrorFixer infections on your PC. WinErrorFixer Description WinErrorFixer, also known as WinErrorFixer 2007, is a rogue anti-spyware application that uses deceptive scanning tactics to persuade you to purchase their full version. WinErrorFixer may be brought into your computer by a Trojan, sneaking past weak security system points, or may be downloaded directly from www.WinErrorFixer.com. As soon as WinErrorFixer is installed, it will perform a fake scan that will result in exaggerated threat reports. Below is an example of a fake warning WinErrorFixer may...

Posted on March 8, 2008 in Rogue Anti-Spyware Program


IEMenuExt is an Internet Explorer browser plugin that adds a toolbar with malware and adware. Once installed IEMenuExt monitors and tracks the websites visited by the user. IEMenuExt then sends this information to remote servers where it is used to generate unwanted commercial pop-up ads targeting the user's web browsing activities. IEMenuExt is manually installed and automatically runs on every Windows startup and reboot.

Posted on March 7, 2008 in Browser Plugins


Scanbaseonline.com is a rogue website and browser hijacker that promotes the counterfeit application System Security. The user’s PC becomes infected with a Trojan which then redirects their web browser to the rogue website. A pretend scanner will appear and produce false results claiming an exaggerated number of infections. The user will be asked to purchase the full paid version of the System Security program. The user should ignore all warnings and results from this website as they are all fabricated. It is strongly recommended to use reliable anti-spyware software to scan, detect and remove all possible infections promptly. Author of Scanbaseonline.com: Innovagest2000

Posted on March 7, 2008 in Rogue Websites

Registry Defender

Registry Defender screenshot

Registry Defender is a fake registry cleaner that displays misleading and exaggerated warnings about the users system's registry errors. Registry Defender does not pose a serious security threat but is an annoyance. Registry Defender must be installed by you; therefore you may have downloaded the program on its official website, RegistryDefender.com. Once Registry Defender performs its fake scan it will load upon start up, and, after each restart of the system as well as display erroneous warning alerts. If you want to remove Registry Defender from your system you can use the uninstaller that is bundled with the program.

Posted on March 6, 2008 in Misleading Programs


GoInDirect is a porn dialer that takes control of the user's modem to gain access to pornographic websites and in the process dials high-rate numbers. GoInDirect is usually installed without the user's knowledge or consent.

Posted on March 1, 2008 in Dialers

KGB Keylogger

KGB Keylogger, also known as KGBSpy, is a commercial keylogger that monitors and records every keystroke the user makes. KGB Keylogger is a serious threat since it can be programmed to email the user's keystroke information to whoever installed KGB Keylogger. This can give an attacker sensitive private information such as passwords, emails, chat room conversations, credit card numbers, bank information and websites visited. KGB Keylogger can be installed without the user's knowledge or consent and runs automatically each time the user's PC is started or reboot. It is strongly recommended to use reliable anti-spyware or anti-virus software to detect and remove KGB Keylogger.

Posted on February 27, 2008 in Keyloggers


WinReanimator is the latest rogue anti-spyware application that may be brought into your computer system by a Trojan, infiltrating your machine via security system cracks, or may be downloaded directly from www.WinReanimator.com. After WinReanimator is executed, it will bombard your desktop with Windows-like threat notifications, such as the following: "Windows has detected spyware infection! It is recommended to use special antispyware tools to prevent data loss. Windows will now download and install the most up-to-date antispyware for you Click here to protect your computer from spyware!" This message is bogus and cannot be trusted. WinReanimator should be removed immediately to prevent further damage to your system.

Posted on February 26, 2008 in Rogue Anti-Spyware Program