FraudTool-AntiSpySpider Trojan removal

XBlock By Actiance - Home

Someone Spying on You? Fight Back!
Currently Notice: Undefined variable: incprefix in /data/www/xblock/product_show.php on line 123 25,860,543 Spy Software Busted!

Products

X-RayPC

Full Name:	FraudTool-AntiSpySpider
Type:	Trojan
Danger Level:	4
Category Description:	Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software.
Comment:	FraudTool-AntiSpySpider is used to disable the Windows Task Manager and Registry editor. Can display an infection message in the system tray. This tool is used with AntiSpySpider to trick the user into purchasing the application. Downloads and displays advertisements.

Properties:	Alters Key Windows Components Autostarts/Stays Resident Connects to the internet Fake You are infected alerts Shows Advertisements
Manual Removal:	Disable System Restore. Clean with X-Cleaner. Do not restart the computer when X-Cleaner prompts. Steps to re-enable the Task Manager and registry editor: Go to Start->Run-> type mmc and hit enter. The Console window will open. Click on File and choose ->Add/Remove snap-in- Then click on Add and you get a list of snap-in. Select "Group Policy Object Editor" and click Add then click finish, close and last click OK Under Console Root, expand the Local Computer Policy Then expand the User Configuration container. Click on Administrative Templates then click on System. In the right pane find "Prevent access to registry editing tools" double click on it and dot Disabled. Click OK Locate the Ctrl+Alt+Del Options folder. Click on it. In the right pane, find "Remove Task Manager" double click on it and DOT disabled. Click OK Close the Console window and reboot. After reboot, remove the following files: c:\WINDOWS\homepage.html c:\WINDOWS\index.html c:\WINDOWS\promo1.html c:\WINDOWS\promo2.html c:\WINDOWS\promo3.html c:\WINDOWS\promo4.html c:\WINDOWS\promo5.html c:\WINDOWS\promo6.html c:\WINDOWS\promogif1.gif c:\WINDOWS\promogif2.gif c:\WINDOWS\promogif3.gif c:\WINDOWS\system32\adult.txt c:\WINDOWS\system32\finance.txt c:\WINDOWS\system32\lt.res c:\WINDOWS\system32\other.txt c:\WINDOWS\system32\pharma.txt c:\WINDOWS\system32\sft.res c:\WINDOWS\system32\sn.txt

Back to the list of products removed by X-Cleaner

© Copyright 2003-2011, Actiance, Inc. All rights reserved. Privacy Policy