Home Malware Programs Browser Hijackers Asafetyliner.com

Asafetyliner.com

Posted: December 13, 2007

Asafetyliner.com is a browser hijacker that is usually downloaded and installed by a Zlob Trojan. If you have a Zlob in your PC, it is a serious security risk to all your sensitive data, including your personal information and banking passwords. After the infection, user's home site is changed to Asafetyliner.com and notifications such as "Virus Alert", "Your Computer is Infected", "Security Alert" are displayed. Once you click on one of those fake warning messages, you will be redirected to one of the illicit sites offering you to purchase various rogue anti-spyware applications, such as IEDefender, MalwareBurn, AntiVirGear and others.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 fdpzgi.dll
    2 gtawclv.dll
    3 iesuninst.exe
    4 isamini.exe
    5 isamonitor.exe
    6 isfmdl.dll
    7 khtbpdl.dll
    8 Online Security Guide.url
    9 pmmon.exe
    10 pmsngr.exe
    11 Security Troubleshooting.url
    12 veptlh.dll
    13 vjxwnn.dll
    14 vmlwp.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80ced3d6-ece9-48ba-8df8-2503d8d87c2b}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper objects\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IExplorer Security Plug-inInternet Explorer Secure BarMessenger Service
Loading...