Categories: Trojan, Popups
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.
The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\TrustIn Contextual\trustincontext.dll
[%WINDOWS%]\inetloader.dll
[%WINDOWS%]\se_spoof.dll
[%WINDOWS%]\ticads.exe
[%WINDOWS%]\tpopup.exe
[%WINDOWS%]\trustinbar.exe
[%WINDOWS%]\tse.exe
How to detect Zlob.Fam.TrustInBar:
Files:
[%PROGRAM_FILES%]\TrustIn Contextual\trustincontext.dll
[%WINDOWS%]\inetloader.dll
[%WINDOWS%]\se_spoof.dll
[%WINDOWS%]\ticads.exe
[%WINDOWS%]\tpopup.exe
[%WINDOWS%]\trustinbar.exe
[%WINDOWS%]\tse.exe
Folders:
[%PROGRAM_FILES%]\TrustIn Contextual
Registry Keys:
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Removing Zlob.Fam.TrustInBar:
You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.
Or buy it to remove ALL viruses from your computer.
Also Be Aware of the Following Threats:
Vxidl.BGF Trojan Symptoms
Spaeher Trojan Cleaner
DepthCharge Backdoor Symptoms
WhenU.WeatherCast Adware Cleaner