Home Guides Tapsnake, CronDNS, Dubfishicv virus removal from Windows 7/8/10

Tapsnake, CronDNS, Dubfishicv virus removal from Windows 7/8/10

3 min read
The only takeaway from browser alerts reporting Tapsnake, CronDNS, and Dubfishicv viruses is that the computer has redirect malware pushing PCKeeper scareware.
  1. What is the Tapsnake, CronDNS, Dubfishicv redirect virus?
  2. Automated removal of Tapsnake, CronDNS, Dubfishicv popup virus
  3. Restore web browser settings to their original defaults

What is the “Tapsnake, CronDNS, Dubfishicv” redirect virus?

The fact that cybercriminals exploit security vulnerabilities in popular software to spread malicious code is by all means disconcerting, but it turns out that the vast majority of malware is doing the rounds in a much simpler way. One of today’s dominating infection vectors relies on hoodwinking people to download harmful programs rather than employing entirely surreptitious hacking techniques. A demonstrative example is the campaign that involves browser redirects to a misleading site raising a red flag on the Tapsnake, CronDNS, Dubfishicv viruses. In this scenario, the victim is being brainwashed into thinking their Windows computer has serious security problems. This way, the operators of this malvertising stratagem are promoting a rogue application called PCKeeper, also referred to as PC Keeper.

Misleading web page reporting Tapsnake, CronDNS, Dubfishicv viruses to promote PCKeeper scareware
Misleading web page reporting Tapsnake, CronDNS, Dubfishicv viruses to promote PCKeeper scareware

The attack in question is a complex mix of several different steps and mechanisms. It starts with a browser hijack isolated to the victim’s web surfing activity. The cause of this interference is a malicious plugin that tailgates into the system via a bundle of different applications. The catch in this case is that the user is sure they are installing some great freeware, which is true but only to a certain extent. The installation client obfuscates extra components under the hood of the benign program so that the person is unaware of the danger as long as they stick with the express setup option. Once the perpetrating plugin is inside, it tweaks the configuration of the default web browser so that the plagued user visits a rogue website repeatedly. The URL of the dodgy page varies, but it’s often something like microsoft.scanner.com———–control.online, followed by a tail of campaign IDs. The unwelcome site says:

Your computer is heavily damaged! (33.2%)
Please download PC Keeper application to remove (3) viruses from your PC.

Virus Name: Tapsnake; CronDNS; Dubfishicv
Risk: HIGH
Infected Files: /windows/apps/hidden/system32/X/snake.exe;
/windows/local/conf/keyboard/retype.exe; /windows/remote/conf/services/defrag.exe

The scary names of the listed viruses supposedly affecting the PC are nothing but an element of pressure and manipulation aimed at fooling the confused user into repairing the “heavily damaged” system. That’s the pivot point of the attack, where the affiliated rogue utility comes into play.

PCKeeper, the infamous rogue system utility targeting Windows PCs
PCKeeper, the infamous rogue system utility targeting Windows PCs

Once the victim clicks the “Download and Repair” button on the deceptive page, they are prompted to install a tool marketed as if it were the best thing since sliced bread. It’s the above-mentioned PCKeeper rogue app that will get on board this way. The culprit has a well-designed interface, which is a red herring that might encourage some people to proceed. It will instantly begin scanning the host computer for security and performance bugs, returning a report with a slew of issues in it. Then, the user realizes that, alas, the fix won’t take place unless they activate their license key to unleash the entire repair functionality. Hopefully, most victims won’t go that far and will refrain from paying headlong for these cleanup services. First of all, the items listed in PC Keeper’s scan results are most likely as imaginary as the Tapsnake, CronDNS, and Dubfishicv threats. Secondly, registering the program’s full version to get rid of something bad that probably doesn’t even exist is a waste of money.

The problem is, the scareware will be bombarding the victim’s experience with follow-up activation reminder alerts and may deliberately cause the computer to slow down to a crawl to make the purportedly unsatisfactory system health status look true-to-life. Whilst this may seem like a loop of adverse effects reoccurring over and over, the way out isn’t as tough as some users think. Here’s a comprehensive walkthrough to stop the irritating browser redirects and popups in their tracks and get rid of PC Keeper if it’s already inside.

Automated removal of Tapsnake, CronDNS, Dubfishicv popup virus

Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:

1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button

Download Tapsnake, CronDNS, Dubfishicv popup remover

2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.

Use Windows Control Panel to get rid of the PCKeeper virus

• Open up the Control Panel from your Start menu in Windows XP/Vista/7/8/8.1/10 and select Uninstall a program
Access program uninstall screen on Windows
• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Find PCKeeper (PC Keeper) or another unfamiliar, suspicious entry under the Name column, click Uninstall and follow further directions to get the removal doneUninstall unwanted program

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by Tapsnake, CronDNS, Dubfishicv redirect virus.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings
Go to Settings in Chrome
• Scroll down the settings screen and click Advanced down at the bottom
Advanced settings in Chrome
• Move on to the Reset and clean up sub-section and select the option that says Restore settings to their original defaults
Restore Chrome settings to their original default
• Finally, confirm the restoration by clicking Reset settings on the warning message
Reset Chrome settings
• Restart Chrome.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information
Access Troubleshooting Information page in Firefox
• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it
Refresh Firefox button
• Follow subsequent directions to reset Firefox to its original settings
Complete refreshing Firefox
• Restart the browser.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X)
Open up Internet options in Internet Explorer
• Proceed by clicking on Advanced tab, then select Reset
Locate and click the Reset button in IE
• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled
IE reset confirmation
• Reboot the machine to fully implement the fix.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download PCKeeper virus removal tool

Rate article

5/5 (1)

Leave a Reply

Your email address will not be published. Required fields are marked *