« JS/Downloader-BNL
Dream Media Player »

TrustNinja

No Comments
LoneStar By LoneStar in Rogue Anti-Spyware Program | 0 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

TrustNinja Description

TrustNinja (also known as Trust Ninja) is a fake optimization tool presented as a useful program in order to gain the trust of the user. TrustNinja must be installed manually, and once active, begins display fake infection results in order to trick the user into believing that the computer has been compromised. The user is then prompted to purchase the commercial version of TrustNinja in order to combat these threats or fix the various problems.

Type: Rogue AntiSpyware Programs

How Can You Detect TrustNinja?

 
 

Download SpyHunter’s Detection Scanner
to Detect TrustNinja.

 
 

TrustNinja Technical Report

As new TrustNinja details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following TrustNinja files with its MD5s were created in the system:

File Name File Size MD5
TrustNinjaSvc.exe 65536 e92f901fb0a487d9aac6ae40b8e05d56
TrustNinja.exe 724992 c9f6764aede6c4384af2d50bf00e6da8

TrustNinja has typically the following processes in memory:

  • %ProgramFiles%\TrustNinja Software\TrustNinja\uninstall.exe
  • TrustNinjaSvc.exe
  • %ProgramFiles%\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe
  • %Temp%\nsm2.tmp\nsSCM.dll
  • %ProgramFiles%\TrustNinja Software\TrustNinja\TrustNinja.exe
  • %Temp%\nsm2.tmp\nsProcess.dll
  • TrustNinja.exe

TrustNinja created the following directories, files, paths:

  • %ProgramFiles%\TrustNinja Software

TrustNinja creates the following registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\TrustNinja
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “TrustNinja”
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC\0000\Control
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc\Security
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc\Enum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TrustNinja
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC\0000
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC\0000\Control
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc\Security
  • HKEY_CURRENT_USER\Software\TrustNinja
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC\0000
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc\Enum
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 08/26/09 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs

Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.