Saturday, October 25, 2008

Zlob.Fam.ToolBar888 Trojan

Removing Zlob.Fam.ToolBar888
Categories: Trojan,Popups
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\FICHEI~1\{3048F~1\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{39CCC~1\Bar888.dll
[%PROGRAM_FILES%]\FICHIE~1\{3C8B2~1\Bar888.dll
[%PROGRAM_FILES%]\ToolBar888\Activate.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES%]\ToolBar888\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{30170~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{303CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{304BB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30500~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{305D6~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{307FB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{309E5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30CB1~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30DC0~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{344CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{346AC~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34A223A7-08DA-1033-0626-020409020001}\888.dll
[%PROGRAM_FILES_COMMON%]\{34AD5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34BDA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34E8F~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38091~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38A54~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38B4C~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38C1D~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3B9F4~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C2D2~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C8EB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3CDAA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3F1B0~2\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{3048F~1\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{39CCC~1\Bar888.dll
[%PROGRAM_FILES%]\FICHIE~1\{3C8B2~1\Bar888.dll
[%PROGRAM_FILES%]\ToolBar888\Activate.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES%]\ToolBar888\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{30170~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{303CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{304BB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30500~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{305D6~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{307FB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{309E5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30CB1~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30DC0~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{344CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{346AC~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34A223A7-08DA-1033-0626-020409020001}\888.dll
[%PROGRAM_FILES_COMMON%]\{34AD5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34BDA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34E8F~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38091~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38A54~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38B4C~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38C1D~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3B9F4~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C2D2~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C8EB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3CDAA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3F1B0~2\Bar888.dll

How to detect Zlob.Fam.ToolBar888:

Files:
[%PROGRAM_FILES%]\FICHEI~1\{3048F~1\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{39CCC~1\Bar888.dll
[%PROGRAM_FILES%]\FICHIE~1\{3C8B2~1\Bar888.dll
[%PROGRAM_FILES%]\ToolBar888\Activate.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES%]\ToolBar888\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{30170~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{303CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{304BB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30500~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{305D6~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{307FB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{309E5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30CB1~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30DC0~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{344CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{346AC~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34A223A7-08DA-1033-0626-020409020001}\888.dll
[%PROGRAM_FILES_COMMON%]\{34AD5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34BDA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34E8F~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38091~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38A54~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38B4C~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38C1D~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3B9F4~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C2D2~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C8EB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3CDAA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3F1B0~2\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{3048F~1\Bar888.dll
[%PROGRAM_FILES%]\FICHEI~1\{39CCC~1\Bar888.dll
[%PROGRAM_FILES%]\FICHIE~1\{3C8B2~1\Bar888.dll
[%PROGRAM_FILES%]\ToolBar888\Activate.exe
[%PROGRAM_FILES%]\ToolBar888\MyToolBar.dll
[%PROGRAM_FILES%]\ToolBar888\Uninst.exe
[%PROGRAM_FILES_COMMON%]\{30170~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{303CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{304BB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30500~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{305D6~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{307FB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{309E5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30CB1~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{30DC0~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{344CA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{346AC~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34A223A7-08DA-1033-0626-020409020001}\888.dll
[%PROGRAM_FILES_COMMON%]\{34AD5~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34BDA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{34E8F~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38091~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38A54~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38B4C~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{38C1D~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3B9F4~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C2D2~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3C8EB~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3CDAA~1\Bar888.dll
[%PROGRAM_FILES_COMMON%]\{3F1B0~2\Bar888.dll

Folders:
[%PROGRAM_FILES%]\ToolBar888

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
HKEY_CLASSES_ROOT\CLSID\{C1B4DEC2-2623-438e-9CA2-C9043AB28508}
HKEY_CLASSES_ROOT\CLSID\{CBCC61FA-0221-4ccc-B409-CEE865CACA3A}
HKEY_CLASSES_ROOT\interface\{c6f2214e-0b54-45a9-b90d-7dd4ba45ed0b}
HKEY_CLASSES_ROOT\ToolBar.ToolBarObj
HKEY_CLASSES_ROOT\ToolBar.ToolBarObj.1
HKEY_CLASSES_ROOT\typelib\{569304ba-83ed-4cff-ac26-be3e482f7208}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bar888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004DEC2-2623-438E-9CA2-C9043AB28508}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1B4DEC2-2623-438e-9CA2-C9043AB28508}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBCC61FA-0221-4ccc-B409-CEE865CACA3A}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Removing Zlob.Fam.ToolBar888:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
TrojanDownloader.Win32.Envolo Downloader Symptoms
Insult.Media Backdoor Removal instruction
Shorty.Gopher Adware Cleaner
Bitch.Controller Trojan Removal
Remove Qoologic Trojan

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)