Xvirusdescan.com is a browser hijacker promoting the rogue anti-spyware application called System Security 2009. Due to affiliated trojans infiltrating your system via security exploits and modifying browser settings, web-surfing activities are typically interrupted and then redirected to the Xvirusdescan.com domain. Here a fake online scan results in fictitious infection reports that are used to persuade you to purchase the fake spyware remover System Security 2009.

Posted on April 10, 2009 in Rogue Websites


Trojan.Agent.cchq is a malicious Trojan horse infection that may compromise a user's system. Trojan.Agent.cchq may allow an outside attacker to gain access to personal files or data that could be used for identity theft. Once Trojan.Agent.cchq opens up a back door to the compromised system, a hacker could also take over certain functions of the user's system, using it to perform illegal actions over the internet. To ensure the safety of personal information and data stored on the hard drive, it is best to detect and remove Trojan.Agent.cchq with a spyware removal tool.

Posted on April 9, 2009 in Trojans


Trojan.Agent.bpro is a Trojan horse infection that could modify or change a user's Internet Explorer settings. Trojan.Agent.bpro may have the capability to download other malicious files onto a system without permission. The system may be vulnerable to outside attacks where an attacker could steal personal information. Manual removal of Trojan.Agent.bpro may be difficult to perform in many cases. It is recommended that a spyware removal tool is used to safely detect and completely remove Trojan.Agent.bpro.

Posted on April 9, 2009 in Trojans

Conficker Worm Awakens to Drop Potentially Dangerous Payload

The Conficker worm is currently active and updating via peer-to-peer (P2P). Researchers and security experts are analyzing the code of the software that is being dropped onto infected computers. We suspect that the code may be some type of logging program that has the ability to steal or compromise data on an infected system. Many people are surprised as to the new developments of Conficker as they thought April 1st marked the date for Conficker performing any malicious actions but they failed to realize that Conficker only downloaded an update on April Fool’s day. Judging from today's actions, it is safe to say that we have yet to see the true devastation of Conficker.C. The Conficker worm, once awakened, attempted to connect to MySpace.com, CNN.com, MSN.com, AOL.com and eBay.com in order to determine if the infected computer had...

Posted on April 9, 2009 in Computer Security

Virus Sweeper

Virus Sweeper screenshot

Virus Sweeper is a fake anti-virus program, also known as a rogue. Malware researchers have identified Virus Sweeper as a possible update of the widespread rogue anti-virus Virus Doctor. Other clones of Virus Sweeper include Antivirus 2009, Power Antivirus 2009, Vista Antivirus 2009 and AntiVir64. Rogueware like Virus Sweeper are programs designed superficially to look like real anti-virus programs. In fact, there is little more to Virus Sweeper than Virus Sweeper's interface. Virus Sweeper's only other functional elements are Virus Sweeper's credit card information entry form, and a collection of Trojans and malicious scripts designed to cause problems deliberately on a computer system....

Posted on April 9, 2009 in Rogue Anti-Spyware Program


INF/Autorun is a dangerous computer infection that is known to use Autorun.inf files in order to launch backdoor and Trojan horse infections automatically. INF/Autorun may be hidden on an executable file making it very difficult to detect and remove. INF/Autorun may also spread through removable media such as USB flash drives and then infect another system that connects to the infected drive. INF/Autorun should be detected and removed with a spyware removal tool to insure you do not spread this infection onto other computers.

Posted on April 9, 2009 in Trojans


Hypersecurityshield.com screenshot

Hypersecurityshield.com is a malicious website associated with a browser hijacker known by the same name. Hypersecurityshield.com promotes the rogue security application System Security 2009. At this website, the victim will be urged to run a free online scan of their hard drives which will invariably return a large number of false positive results. This fake scan is done to convince visitors to the Hypersecurityshield.com site that their computer system is in severe trouble and that it is necessary to download and install the fake security program System Security 2009. This is part of an elaborate online scam that is quite prevalent and has claimed a huge number of victims over the...

Posted on April 8, 2009 in Rogue Websites


Win32/Qhost is a Trojan horse infection that is used to replace or change the HOSTS file where corresponding IP addresses and names of remote computers are contained. Win32/Qhost uses a tactic of increasing the incoming traffic volume to a particular site. Once your system is infected with Win32/Qhost, you may get several warning or pop-up messages that could redirect you to a malicious website. Manual removal of Win32/Qhost may be difficult and dangerous to perform as you could delete essential system files in the process.

Posted on April 8, 2009 in Trojans


INF/Conficker is an infection allowing the Conficker Worm to spread through Autorun.inf files. Through this propogating process, INF/Conficker is able to infect removable drives. Any system that the INF/Conficker infected drive is given access to, is vulnerable to being infected with Conficker. The Autorun.inf process is able to automatically execute a newly attached drive such as an USB flash device. Mapped network drives are also vulnerable to spreading infections through INF/Conficker infected Autorun.inf files.

Posted on April 8, 2009 in Trojans


Trojan.Popuper is known to hijack and change the default Internet Explorer web browser settings. If your system is infected with Trojan.Popuper, then it is very possible that your default home page has been changed to a malicious domain. Once your system has the Trojan.Popuper infection, it will start to pop-up fraudulent notification messages in an attempt to get you to download a rogue anti-spyware application. It is very important that you detect and remove Trojan.Popuper so you can avoid further damage to your system.

Posted on April 8, 2009 in Browser Hijackers


Worm.IM.Sohanad is a Trojan virus that spreads in systems using the Windows operating system using Yahoo Messenger. Worm.IM.Sohanad sends an Instant Message in an attempt to spread itself by sending a link that contains a download to the worm infection. Worm.IM.Sohanad has also been known to download additonal malware onto your PC, and broaden tis horizons by moving throughout removable storage devices.

Posted on April 8, 2009 in Trojans


Antivguardian.com is a browser hijacker promoting the rogue anti-spyware application called Spyware Protect 2009. The most common way to hit Antivguardian.com domain is through being redirected there from a misleading web page at Browser-security.microsoft.com which contains a link to push if you want to keep your computer secure. Once you follow the misleadingly suggested reference, you will be taken to Antivguardian.com domain which contains adware pushing Spyware Protect 2009 fraud. Another way of being diverted to the Antivguardian.com webpage is through affiliated trojan viruses infiltrating your system and altering browser settings.

Posted on April 7, 2009 in Rogue Websites


SearchAWeb.com is a rogue website that hijacks your searches and redirects them to SearchAWeb.com, due to intruding malware such as Hacktool.Rootkit and Backdoor.Trojan modifying browser settings. The SearchAWeb.com domain further diverts search results to other shopping websites, such as SmartBizSearch.com, CowSurvey.com, DealHero.com, and more.

Posted on April 7, 2009 in Rogue Websites


Fullantispywarescan.com is a browser hijacker promoting the rogue anti-spyware application Personal Antivirus. Through affiliated trojans that infiltrate the system and modify browser settings, web-surfing activities become interrupted and diverted to the Fullantispywarescan.com web page. Here the compromised machine is subject to a fake online scane that typically reports non-existent or exaggerated infection results. This is in order to frighten or intimidate a user into purchasing and installing Personal Antivirus.

Posted on April 7, 2009 in Rogue Websites

Timbar A

Timbar A is a Browser Helper Object (BHO) that is a basic component for Internet Explorer. Once installed, Timbar A may perform various malicious actions, such as creating annoying windows to display banner advertisements or similar ads with additional information. Timbar A may also monitor messages and a user’s actions. Most of the time, Browser Helper Objects will not be detected by a firewall, because it is seen as your browser itself.

Posted on April 6, 2009 in Browser Helper Object