
Trojan.Tracur

Posted: June 27, 2011

Trojan.Tracur is a multi-component dropper Trojan that attacks your web browser and security, while also installing malicious files. Different portions of a Trojan.Tracur infection are classified by slightly different names and can perform a variety of duties that harm your computer, including browser hijacks and reducing your firewall's effectiveness. All types of Trojan.Tracur infections are serious security threats and should be removed promptly to prevent harm to your PC. Removing Trojan.Tracur Trojans is least likely to fail when performed by high-quality security software.

The Varied Tentacles of a Trojan.Tracur Attack

Unlike more self-contained PC threats, Trojan.Tracur is a Trojan that uses multiple components to support Trojan.Tracur's malicious behavior. For example, a TrojanDownloader:Win32/Tracur.A Trojan will download and install a TrojanDownloader:Win32/Tracur.B Trojan without your consent. In turn, TrojanDownloader:Win32/Tracur.B will proceed to download and install other malicious programs. Trojan:VBS/Tracur will attack your firewall while Trojan:JS/Tracur.A and TrojanDownloader:Win32/Tracur.J will attack your web browser.

All of these parts of Trojan.Tracur may be found working together to harm your computer, although some may also be found working alone. Many varieties of Trojan.Tracur are still recent and may not be detected by out-of-date security software. Keep your anti-virus scanners and related software updated with regard to the latest PC threats to avoid being damaged by a Trojan.Tracur attack.

Most Trojan.Tracur components are randomly-named fake .dll files that hide in your Windows folder. These files will launch themselves automatically, but may infect normal Windows processes or use the names of such processes to avoid being seen.

What Happens When Trojan.Tracur Gets Its Grip on Your PC

As you can see from the list below, attacks related to a Trojan.Tracur infection can be varied but are always harmful and potentially serious:

  • Trojan.Tracur may download and launch files without your consent. This can include keyloggers and other spyware, rogue security programs that fake security features, or Remote Administration Tools (RATs). In particular, some Trojan.Tracur variants have been confirmed to create spyware files such as '\\.\pipe\82781219D3C34ebcA476079C6EC9FDF40'.
  • Trojan.Tracur may hijack your web browser and redirect you to a URL chosen by the attacker. Trojan.Tracur components that are capable of this may also maximize the browser window.
  • Trojan.Tracur can add exceptions to your firewall. This allows Trojan.Tracur and related threats to send or receive information without being blocked by your network security.
  • Several different types of Trojan.Tracur are also installed in the form of Browser Helper Objects or BHOs. These parts of a Trojan.Tracur infection specialize in redirecting you away from legitimate search results and towards harmful websites.
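
As an added example (not part of the original write-up): a read-only PowerShell audit that lists every registered Browser Helper Object, resolves the DLL it loads and checks that file's Authenticode signature. The function name Get-BhoAudit is hypothetical, and the script assumes an elevated 64-bit PowerShell 3.0 or later session.

```powershell
# Added example: read-only audit of Browser Helper Object (BHO) registrations.
# Assumptions: elevated 64-bit PowerShell 3.0+; Get-BhoAudit is a hypothetical name.
function Get-BhoAudit {
    $bho = 'Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    # 64-bit and 32-bit browsers read separate registry views, so check both.
    $views = @(
        @{ Bho = "HKLM:\SOFTWARE\$bho";             Clsid = 'Registry::HKEY_CLASSES_ROOT\CLSID' },
        @{ Bho = "HKLM:\SOFTWARE\Wow6432Node\$bho"; Clsid = 'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID' }
    )
    foreach ($view in $views) {
        if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $view.Bho) {
            $clsid  = $key.PSChildName
            $server = "$($view.Clsid)\$clsid\InprocServer32"
            $dll    = $null
            if (Test-Path -LiteralPath $server) {
                # The key's default value is the path of the DLL the browser loads.
                $dll = (Get-Item -LiteralPath $server).GetValue('')
            }
            $onDisk = $dll -and (Test-Path -LiteralPath $dll -PathType Leaf)
            $status = if ($onDisk) {
                (Get-AuthenticodeSignature -FilePath $dll).Status
            } else { 'FileNotFound' }
            [pscustomobject]@{
                Clsid        = $clsid
                Dll          = $dll
                Signature    = "$status"
                # DLLs under the Windows folder match the hiding place described above.
                InWindowsDir = [bool]($dll -and $dll.StartsWith($env:windir, [StringComparison]::OrdinalIgnoreCase))
                View         = $view.Bho
            }
        }
    }
}

# Review first anything whose DLL is missing or lacks a valid signature.
Get-BhoAudit | Where-Object { $_.Signature -ne 'Valid' } | Format-List
```

An unsigned or missing BHO DLL is a lead to investigate rather than proof of infection, since legitimate older add-ons can also be unsigned.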

Obviously, the well-developed and complex nature of any Trojan.Tracur infection makes manual removal of Trojan.Tracur less than ideal when performed by a novice. In most situations, using an anti-virus or other security program to delete Trojan.Tracur is your best chance of defeating this multi-pronged Trojan.

File System Modifications

  • The following files were created in the system:

Registry Modifications

  • The following Registry values were newly created:
