Spyware Removal News

• Home
• Categories
  • News
  • Malware
  • Spyware & Adware
  • Viruses & Trojans
  • Phishing & Spam
  • Privacy & Anonymity
  • Other Malware
  • Hacking
  • General Security
  • Malware Alerts
  • Vulnerability Alerts
  • MS Security Advisories
Downloads Links Contact Us

• Spyware Removal Links
  • How to Remove the Ist Bar Trojan.ISTsvc (Ist Bar Removal)
  • How to remove Winfixer (Winfixer Removal)
  • How to remove About:Blank Homepage Hijacker (About:Blank removal)
  • How to remove Satiloler.e (Satiloler.e Removal)
  • How to remove Hesive.b ( Hesive.b Removal )
  • How to remove Feebs (Feebs removal)
  • How to remove KillSec (KillSec Removal)
  • How to remove SpywareStrike (SpywareStrike Removal)
  • How to remove Snow (Snow Removal)

Welcome to Spyware Removal News

Trojan.Trafbrush

My colleague, Takashi Katsuki, posted a blog that describes how Trojan.Farfli provides a service to affiliates, which allows them to increase the number of hits for an affiliate’s tracker. Recently I came across another Trojan, which provides such a service: Trojan.Trafbrush. When Trojan.Trafbrush is executed, it drops several components and registers a browser helper object (BHO).

It then downloads two configuration files from 1.mailhunt.cn. One of the files is config.ini, which contains display options of a Web browser and URLs. Most of the URLs are related to search engines with affiliate IDs in them. The other file, list.dic, is a dictionary file of search keywords. The BHO periodically opens the URLs or performs searches using a keyword that is randomly picked from list.dic. Thus, the compromised computer aids the affiliate to increase the number of hits of their tracker. The Trojan also accesses another site, luckycn.cn, in order to check for updates to itself. Symantec Security Response Weblog: Trojan.Trafbrush: Providing Click Fraud Services to Affiliates

20% off PC Tools Spyware Doctor
20% off PC Tools Spyware Doctor Offer Expires 06/30/08

Coupon Code: pctools20

Home

More Spyware Removal News

• How to remove Total Protect 2009 (Total Protect 2009 removal)
  



• How to remove eXPress Antivirus 2009 (eXPress Antivirus 2009 removal)
  



• How to remove iSafe AntiVirus (iSafe AntiVirus removal)
  



• How to remove Astrum Antivirus Pro (Astrum Antivirus Pro removal)
  



• How to remove System Security (System Security removal)
  



• How to remove MS Antispyware 2009 (MS Antispyware 2009 removal)
  



• How to remove Antivirus 360 (Antivirus 360 removal)
  



• How to remove SystemBooster2009 (SystemBooster2009 removal)
  



• How to remove XP Protection Center (XP Protection Center removal)
  



• How to remove SpywareRemover 2009 (SpywareRemover 2009 removal)
  



• How to remove AntivirusTrigger (AntivirusTrigger removal)
  



• How to remove AntiSpywareGuard (AntiSpywareGuard removal)
  



• How to remove Extra Antivir (Extra Antivir removal)
  



• How to remove Winweb Security (Winweb Security removal)
  



• How to remove Secure Expert Cleaner (Secure Expert Cleaner removal)
  



• How to remove Nano Antivirus (Nano Antivirus removal)
  



• How to remove Perfect Defender 2009 (Perfect Defender 2009 removal)
  



• How to remove Privacy Commander (Privacy Commander removal)
  



• Malicious Holiday Coupons and Promotions
  



• Christmas Lures Being Distributed Via Spam
  

• Computer Forensics
• USB Duplicator

• Spyware Removal Links
  • How to remove AlfaCleaner (AlfaCleaner Removal)
  • How to Remove BlazeFind (BlazeFind Removal)
  • How to Remove SurfSideKick (SurfSideKick Removal)
  • How to remove SpyFalcon (SpyFalcon Removal)
  • How to remove SpyAxe (SpyAxe Removal)
  • How to remove PestTrap (PestTrap removal)
  • How to use smitRem, a smitRem tutorial
  • How to remove Winfixer (Winfixer Removal)
  • How to remove the Aurora, Nail.exe, Epolvy Hijackers (Nail, Aurora Removal)
  • How to remove SpySheriff (SpySheriff removal)
  • How to remove Winhound (Winhound Removal)
  • CmdService
  • Trojan.Abwiz.F
  • How to remove Twaintec.dll (Twaintec.dll Removal)
  • How to Remove SpywareQuake (SpywareQuake removal)