Trojan.Stylz
If you receive a Facebook messages or post about “Dad catches daughters on webcam (OMGGGG),” do not click on it. It will redirect your Internet browser to a harmful web site.
Trojan.Stylz is a computer infection that usually spread via FaceBook messages and posts. The Trojan will be able to log victims HTTP connection to a remote server and displays excessive advertisements. It aims to redirect users Internet browser to a malicious web sites that will provide fake video codec in order for visitors to view online video.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Characteristics
If Trojan.Stylz is executed, it will create a “ProfileStylez” under Program Files folder. Next, the Trojan will record HTTP connections to a remote computer. Then, it will receive JavaScript file intended to display advertisement while victim is browsing the web. If Trojan.Stylz sense that user is logon to Facebook, it will post malicious links that points to a location of the harmful code. However, the account owner does not know this action.
Distribution
Trojan.Stylz spreads via Facebook messages and posts. It was found out that the message bears an intriguing title such as “Dad catches daughters on webcam (OMGGGG).” If Facebook user happens to click this post, it will redirect the current page to a fake video web site. Before visitors can play the video, the web site will display an error and state that a plug-in is needed. If you proceed, it will download and install the Trojan on computer and execute the same tasks to infect other Facebook users.
Here is the screenshot image of the fake video web site.
How to Remove Trojan.Stylz
1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. To identify even the most recent variant of Trojan.Stylz, open your antivirus application and update the virus definitions.
3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 repeatedly.
- Your computer will display Windows Advanced Boot Options menu. Select Safe Mode with Networking.
- System will boot Windows loading only necessary drivers and system files.
4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If unable to delete, better place them in quarantine. Once the scan is complete please proceed with the next step.
Scan with McAfee Stinger:
Stinger is a portable security tool that can detect and remove particular viruses. It utilizes a highly developed scan engine technology that includes process scanning and scan function optimization.
5. Go to McAfee Labs Stinger web page and download the tool. Save it to your desktop.
6. Once the download completes, double click on the file to run the program.
7. The Stinger main program will open.
8. Default directory to scan is the system drive (C:\). You may add additional drives to scan by clicking on Add button.
9. Click on Scan Now button to begin scanning assigned drives.
10. Stinger will now scan and repair/delete all infected files.
11. When done, you may now close McAfee Stinger and restart Windows in normal mode.
Alternative Removal Method for Trojan.Stylz
Option 1 : Use Windows System Restore to return Windows to previous state
If Trojan.Stylz enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Trojan.Stylz infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.
Option 2 : Trojan.Stylz manual uninstall guide
IMPORTANT! Manual removal of Trojan.Stylz requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1. Kill any running process that belongs to Trojan.Stylz.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Trojan.Stylz files (refer to Technical Reference) and click End Process.
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Trojan.Stylz.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.