TopRebates Adware

TopRebates virus description
Technical details:
Categories: Adware
TopRebates Aliases:
[Kaspersky]TrojanClicker.Win32.Delf.z,TrojanDownloader.Win32.Agent.y,TrojanSpy.Win32.Spung.a;
[Panda]Adware/TopRebates,Trojan Horse

TopRebates Files:
[%PROFILE_TEMP%]\djtopr1150.exe
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_hdr_autotrack_remove.gif
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_hdr_settings.gif
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_pop_circles_bg2.gif
[%PROGRAM_FILES%]\Rebate_Nation\Sy5300\Sy5300\5300_1.dat
[%SYSTEM%]\FWNToolbar.dll.manifest
[%WINDOWS%]\345a8.exe
[%WINDOWS%]\artmmp.ini
[%WINDOWS%]\neti.dll
[%SYSTEM%]\webrebates.exe
[%WINDOWS%]\cache371\b_371_0_1_501300.htm
[%WINDOWS%]\cache371\b_371_0_1_569200.htm
[%WINDOWS%]\cache371\b_371_0_1_582200.htm
[%PROFILE_TEMP%]\djtopr1150.exe
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_hdr_autotrack_remove.gif
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_hdr_settings.gif
[%PROFILE_TEMP%]\temp.fr????\websrebates\Images\topr_c_pop_circles_bg2.gif
[%PROGRAM_FILES%]\Rebate_Nation\Sy5300\Sy5300\5300_1.dat
[%SYSTEM%]\FWNToolbar.dll.manifest
[%WINDOWS%]\345a8.exe
[%WINDOWS%]\artmmp.ini
[%WINDOWS%]\neti.dll
[%SYSTEM%]\webrebates.exe
[%WINDOWS%]\cache371\b_371_0_1_501300.htm
[%WINDOWS%]\cache371\b_371_0_1_569200.htm
[%WINDOWS%]\cache371\b_371_0_1_582200.htm

TopRebates Registry Keys:
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\web rebates

TopRebates Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

TopRebates indications of infection

This symptoms of TopRebates detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
MailFlash Trojan Cleaner
Windows.AdStatus Adware Information
Vxidl.AGQ Trojan Removal

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)