MyCentria will create various files and registry entries on infected computers. The purpose of this is to create browser add ons for Firefox and Internet Explorer.

The add on created for Firefox is called the Adcentria Infobar. For Internet Explorer users, it will be called MyCentria Internet Mate v2.0.

These addons can monitor search queries at various urls. It can also replace search results with other forms of advertising.

Scan and Remove MyCentria Adware

OneStep installs itself as a browser search plugin. Once the adware is installed it will create various registry keys and files. It will also create a “OneStep” folder in your program files directory. 

OneStep will redirect your browser to onestepsearch.net, as well as launching unwanted advertisements and popups etc.

Always be cautious when installing any browser related plugins.

Scan and Remove OneStep Adware

The worm will create a randomly named .dll file on infected computers. It will also remove Windows system restore points. The worm will then create a service called netsvcs and a new registry key.

The worm will also attempt to connect to remote servers and download files. The worm then continues to spread to other computers via the RPC vulnerability.

Scan and Remove Conficker.A

The process starts by prompting the user to run a scan for for malware and spyware. If the user performs the scan, it then displays a (fake) large list of infected files. The scan then attempts to get the user to purchase the software to remove the infected files.

To avoid adware such as this, all users are only recommended to scan their PC with quality software. If you do run an online scan, make sure it is from a trusted source. Keeping your anti-virus and spyware software up-to-date will also help.

Remove spyware and malware – Free download

If you are infected, the worm will create the following files:

C:\lo.tmp
%SYSTEM%\wuauclt.exe
%SYSTEM%\dllcache\wuauclt.exe
%SYSTEM%\wsotdet.dll
%SYSTEM%\wssndet.dll

It will also drop autorun files on drives that it infects.

The worm also edits the Windows Registry so that it will startup every time Windows starts. The registry key affected by this worm is:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\”explorer” = “%System%\wuauclt.exe”

The worm will also attempt to stop various security software and delete their processes. So infected you may become very vulnerable.

Run a scan now:

Scan and remove W32.Rispif.A

If a user attempts to open this trojan, Windows Media Player will open, but it will then prompt for a download of something like “Play_MP3.exe”.

As with any media file, be careful when opening. If the file is not opened and directly played in your media player program, then there could be a problem. If ever prompted to download a .exe when opening a media file, proceed with extreme caution.

Scan and remove Trojan.Downloader.Wimad.A

Trojans are a type of malware that appear to be legitimate, but instead perform some other type of malicious functions. That is how they came to be known as trojans, from the Trojan Horse story.

Trojans can be hidden in a variety of files, but commonly they will pose as screensaver files (.scr) or .exe files. So you must always be very careful when downloading and opening these files from untrusted sources.

Removing Trojans

Removing trojans manually can be quite a difficult task, especially if you are not sure which is the offending file or program. So in some cases it could take many hours to remove the trojans manually. Fortunately there are many great trojan scan and trojan removal tools currently on the market. We recommend that you run a scan at least once every 7-10 days, because you never know what might be running on your PC.

Try the free trojan scan here: Remove Trojans – Free Online Trojan Scan

Common Trojan Payloads

• Remote access
• Data destruction
• Downloader
• Server trojan
• Security software disabling
• Denial of service attack (DoS attack)

The type of damage caused by trojans can be quite extensive and just a few examples include: Erasing data, shutting down computer, rebooting, remote access, stealing data, installing other programs, taking screenshots, keylogging and much more.

Be careful and always run a trojan scan (anti-spyware/anti-virus).

——————————
Free Download – Remove Trojans , Malware and Spyware

This form of adware is disguised as a codec for viewing media files, or for listening to audio files. As mentioned in an earlier post, beware of any media file that requires any type of download in order to play. Adware.PlayMP3z.B will prompt the user with a popup that says “Play Free MP3s”. The popup also has some checkboxes and a license agreement, with an “I Agree” button.

If this adware is installed onto a PC, it will collect private information as well as displaying annoying ads randomly.

Run our free scan to protect your PC now

The hijacked PCs were used to attack other computers and install programs that plagued users with pop-up adverts. He was caught following an investigation by the Metropolitan Police’s Computer Crime Unit (CCU).

As the investigation widened into his activities – he was said to have used the online name ‘LSDigital’ – the US Secret Service became involved, as did security vendor Sophos, which rushed to claim some of the credit for the latest case. Other US-based suspects are still being investigated.

Bentley pleaded guilty to conspiring to commit, and committing computer fraud. He will pay £32,000 restitution costs and serve 41 months in jail followed by three years’ supervised release, the Florida court ordered.

——
Make sure your PC is free from dangerous Adware and Spyware. Click here for a free scan

But new statistics released by Microsoft would indicate that not all users are clamoring to uninstall adware programs, even if they’re flagged as somewhat suspicious by security software. Microsoft’s latest security data is particularly interesting because of the sheer number of machines that the company can electronically survey with one of its free security programs, the Malicious Software Removal Tool (MSRT).

Of the 129.5 million potentially unwanted programs detected by the MSRT, only 71.7 million were removed by users. Judging from this Information Week report, it’s not clear if the users actually “like” having spyware like WinFixer (3.4 million instances) on their systems, or if they’re just not tech savvy (or bright) enough to know it should be removed.