safeprojects.com
Safeprojects.com is a browser hijacker which is a variant of Zlob Trojan. It hijacks your homepage and redirects your Internet Explorer to "www.safeprojects.com". Once installed onto your computer, Zlob will bombard you with hundreds of popup Warning messages claiming that your computer is infected. Warning messages may look like the following: "Critical System Error", "Your computer is infected", "System Alert", "Trojan-Spy.win32@mx", "Internet connection speed decreased by 39%" and so on. This is the way how safeprojects.com attempts to trick you into buying a rogue anti-spyware application (such as AntiSpyGolden, AntiVirGear, VirusHeal, etc.). Moreover, safeprojects.com may transfer back and forth information from infected computer to a third party which is a serious risk to the security of your sensitive information.
File System Modifications
- The following files were created in the system:
# File Name 1 afzdbl.dll 2 bgwttyl.dll 3 cfqbw.dll 4 cqsfk.dll 5 dxovx.dll 6 dyrwls.dll 7 fdpzgi.dll 8 gtawclv.dll 9 iesplugin.dll 10 iesuninst.exe 11 isaddon.dll 12 isamini.exe 13 isamonitor.exe 14 khtbpdl.dll 15 lrnjnzf.dll 16 pmmon.exe 17 pmsngr.exe 18 pmuninst.exe 19 psndz.dll 20 tkrsw.dll 21 ugofuq.dll 22 vgibz.dll 23 vjxwnn.dll 24 wzhtjqo.dll 25 zpuwriz.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80ced3d6-ece9-48ba-8df8-2503d8d87c2b}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSDNS.MSDNSAppHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSVPS.MSVPSAppHKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\browsers.StockBarHKEY_LOCAL_MACHINE\SOFTWARE\Classes\browsers.ToolBar.1HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VideoExtensionHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49CF52D7-8D58-4E22-A874-AAD721F5B523}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CF52D7-8D58-4E22-A874-AAD721F5B523}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5574E139-F59C-4bee-9A61-150B0D3A16C7}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper objects\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IExplorer Security Plug-inInternet Explorer Secure BarMessenger Service
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.