Monthly Archive: May 2013

movie2k down

Movie2k down – Movie2k seized by court-ordered warrant May 2013

Movie1k is down, seized by court order pushed by the Motion Pictures Association of America (MPAA). Courts have blocked access to the 201st most popular website in the world Movie2k and Download4all websites, you may be redirected to Google’s home page or a blank page with a notification. Movie2k websites such as,,, etc. are reported to be blocked on May 30, 2013 to help protect against copyright infringement. In released statement:

WebCake virus

How to remove the WebCake virus – WebCake malware removal instructions

The WebCake virus (Web Cake) is a broad term used to identify WebCake malware such as as adware, browser hijackers, and spyware including WebCake Deals, WebCake Ads, WebCake Related Searches, WebCake Toolbar, and more. The WebCake virus is responsible for a variety of symptoms including pop-up advertisements, in-text advertisements, coupon-deal advertisements, and unwanted browser redirections and startups to suspicious search engines such as Conduit.

Searchalgo virus removal

How to remove the Searchalgo virus – redirect removal instructions

The Searchalgo virus, also known as the Algo virus or Search Algorithm virus (Searchalgorithm redirection virus) are terms for malware categorized as a browser hijacker that changes internet browser settings of popular internet browsers such as Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer without permission. The Searchalgo virus changes the home pages and default search engines of such browsers, in turn causing infected internet browsers to start up on and redirect to, as well as third-party websites that are fraudulently self-promoted as legitimate seach engines.

SpecialSavings virus removal

How to remove the SpecialSavings virus – SpecialSavings adware removal instructions

The SpecialSavings virus or virus are terms for a combination of malware categorized as adware and browser hijacker, preferably titled Special Savings adware that causes unwanted advertisements to appear in the form of pop-up ads, coupons and deal ads, in-text advertisements, and general advertisements that pop up when hovering over images, as well as high paying pop-under advertisements. Victims of SpecialSavings malware essentially notice SpecialSavings advertisements when browsing retail-eCommerce type websites such as or Kayak, though SpecialSavings ads may appear anytime the computer has intenret connectivity. The SpecialSavings pop-up appears once the internet user hovers over a product as displayed in the image below. Furthermore, SpecialSavings associates with third-party malware that may cause unwanted redirections to malicious web pages and search engines.

search Flipora redirect malware

How to remove the Flipora virus – redirect removal (

The Flipora virus, also referred to as the Flipora Facebook scam and Flipora hijacker are commonly used terms for a combination of malware categorized as a spyware and browser hijacker, that “hijacks” Facebook accounts (or entraps Facebook users who use the Flipora App), collects personal information (web history, submitted data) as well as changes internet browser settings, including the home page, default search engine, and more, often causing unwanted startups and redirections to Flipora websites and related domain names such as,, that acts as a border for syndicated content, and search engines including and third-party engine Certified Toolbar.

Trojan horse removal

How to remove the ZeroAccess virus – ZeroAccess Trojan (Removal Guide)

The ZeroAccess virus is a broad term for a dangerous Trojan horse that has been in circulation for several years. Since the ZeroAccess Trojan has been active there has been a lot of revisions and repackages focused on modifications to the functionality, the strategy of infection, and mechanism orchestrated when infiltrating a computer system. However, the primary objective of the ZeroAccess virus has essentially remained persistent, as the ZeroAccess Trojan is used to access and take control of the computer by adding it to the massive ZeroAccess botnet in order to monetize the new acquisition by downloading additional malware to the infected computer system.

BrotherSoft Toolbar virus removal

How to remove BrotherSoft Toolbar virus – redirect removal instructions

The BrotherSoft Toolbar virus or also referred to as the BrotherSoft virus or BrotherSoft redirect are terms for a malicious browser attachment (BHO, add-on, extension), categorized as malware, in particular a browser hijacker that changes browser settings including the home page, default search engine, browser shortcut, and other settings of popular internet browsers, as well as causes further privacy issues for computer and internet users. BrotherSoft Toolbar malware changes internet settings in order to causes unwanted redirections to (freeware, mobile, games, etc. engine) and other domain names and search engines related to the download site, which alike CNET’s, distrubutes privacy invading malware and software that may entrap computer users in order to generate affiliated revenue via bundled items. Redirects to often occur when using the browser’s address bar to search the web or while voluntarily submitting to the BrotherSoft Toolbar and third-party browser attachments.

remove Google redirection virus

How to remove the Google redirect virus

The Google redirect virus is a very broad term to describe 1. unwarranted redirects to the Google search engine, 2. general browser redirections, often caused by malware categorized as a browser hijacker (may occur when attemping to visit or use the browser’s address bar) and/or 3. browser redirects that occur when using the Google Chrome internet browser, but please note that the Google redirect virus is a problem for many computer users who may use any internet browser (Firefox, Internet Explorer, Safari, Opera). The Google redirect virus may direct internet users to search engine results pages that may not relate to the user’s search query, as well as dangerous websites that host malware and unethical websites, such as websites that designed to “trick” or ultimately entrap unsuspecting victims to destructive terms. The Google redirect virus may also refer to common browser hijackers and DNS changers that alter system and internet browser settings with or without consent, including the home pages, default, managed, and provided search engines, as well as browser shortcuts and Windows hosts files.

Trojan horse removal

How to remove Win32.downloader.gen Trojan horse – Win32.downloader.gen removal instructions

The Win32.downloader.gen trojan is a generic trojan or generic description from Antivirus companies such as Microsoft, Avira, and ESET of unknown Trojans which are detected by their Antivirus heuristic engine. In other words, Win32.downloader.gen is either a generic trojan or unidentified trojan horse. You may have noticed a quarantined file that says “win32.downloader.gen” after a scan or as a notification from your software. If so, it is recommended to quarantine the infection (by selecting “Move to quarantine“), and following the below removal guide further below to ensure deletion.

Coupon viruses

How to remove Coupon viruses – Coupon adware removal instructions (Coupon advertisements)

Coupon virus (in plural Coupon viruses), is a term we introduced used to describe malware or potentially unwanted programs categorized as adware that primarily serve coupon, deal, offer, and reward-based advertisements. Coupon viruses may display in-text advertisements, pop-up advertisements, “drop down tab” type advertisements, and/or scrolling-menu type advertisements on a variety of websites, especially eCommerce and retail websites such as Amazon and Sears or “deal” based websites such as, as well as advertisements that appear on and offline. Coupon virus advertisements often claim to contain “discounted offers,” coupons, and deals for products relative to what the internet user is currently searching for or viewing on the internet. When viewing a specific item online an advertisement may appear claiming to have a better deal or a coupon code for said item. Sometimes these advertisements display similar items, for example if hovering your mouse over the Microsoft surface tablet, coupon advertisements pop out that may display similar tablets such as ipads, as well as competing prices for the original item.

remove Computer Crime and Intellectual Property

How to remove the Computer Crime and Intellectual Property Section virus – Computer Crime and Intellectual Property Section ransomware

The Computer Crime and Intellectual Property Section virus, also referred to as the Computer Crime and/or simply the Intellectual Property virus is a very dangerous form of malware called ransomware, that locks computers, or in this case “blocks your PC” with a full screen page or window claiming to be from the Department of Justice and/or FBI, or other governing organization. The Computer Crime and Intellectual Property Section page contains fraudulent details that claim the computer user violated the law (copyright, illegal pornography, Illegal access) and must pay a fine using MoneyPak cards and other payment services to unlock the computer again. The usual fine for the Computer Crime and Intellectual Property Section is set to $300 but fines relating to FBI viruses often fluctuate from $100 to $500. Please note, this is a dangerous computer virus that is in no way associated with any government department and paying the “Computer Crime” fine or using a number to activate the Computer Crime and Intellectual Property Section virus will only cause further issues.

You shall not pass virus removal

How to remove the “YOU SHALL NOT PASS” virus – You Shall Not Pass removal instructions

The YOU SHALL NOT PASS virus, also referred to as the What is You lookin here? virus is malware categorized as a browser hijacker that utilizes trojan horses, because the You Shall Not Pass virus changes internet browser settings and system files, including home pages and default search engines, as well as Windows hosts files, overall causing internet browsers to redirect to unwanted websites when attempting to visit popular websites such as Facebook, PayPal, and even Botcrawl, as well a page that displays a picture of a wizard (Gandalf) hold a sword that says “You Shall Not Pass.” The You Shall Not Pass virus and associated third-parties may also display unwanted advertisements.