Cadzow Knowledgebase

Contact Us

Site Search

Remote Support

Print Friendly

Web Browser Opens

Your web browser opens (or other similar sites), with an offer to download an anti-virus program.

The anti-virus software offered is fake and malicious. Do not download it, or provide credit card information.

This redirection is caused by a rootkit infection which is very difficult to remove with traditional anti-virus software because it exists in the boot sector and is hidden from the system. Use Kaspersky's TDSSKiller.exe (direct link) to clean. (See also

This infection generally arises from other fake antivirus applications, so even after removing the rootkit there may be other malware on the system. Run a full virus scan after rootkit removal.

Also, some malware that is related to this infection is Cleansweep. This is hidden at C:\Cleanswepx.exe\cleanswepx.exe (note the folder name with the extension of .exe). This can be easily removed by mounting the volume offline, such as with the Repair option on the Vista/7 media.

See also:

Copyright © 1996-2021 Cadzow TECH Pty. Ltd. All rights reserved.
Information and prices contained in this website may change without notice. Terms of use.

Question/comment about this page? Please email