TrustNinja

TrustNinja Description

TrustNinja (also known as Trust Ninja) is a fake optimization tool presented as a useful program in order to gain the trust of the user. TrustNinja that is a member of the FakeSmoke family, must be installed manually, and once active, begins display fake infection results in order to trick the user into believing that the computer has been compromised. The user is then prompted to purchase the commercial version of TrustNinja in order to combat these threats or fix the various problems.

The family of TrustNinja has various members, all of them clones of TrustNinja. These members include WiniGuard, WiniFighter, WiniShield, SaveKeep, SaveDefense, BlockDefense, SaveKeeper, SoftSafeness, TrustWarrior, SecurityFighter, Security Soldier, Security Soldier, SecureVeteran, Secure Warrior, Trust Cop, Safe Fighter, Trust Soldier, Virus Protector.

Technical Information

File System Details

TrustNinja creates the following file(s):
# File Name Size MD5
1 %ProgramFiles%\TrustNinja Software\TrustNinja\uninstall.exe
2 %ProgramFiles%\TrustNinja Software\TrustNinja\TrustNinjaSvc.exe
3 %Temp%\nsm2.tmp\nsSCM.dll
4 %ProgramFiles%\TrustNinja Software\TrustNinja\TrustNinja.exe
5 %Temp%\nsm2.tmp\nsProcess.dll
6 %ProgramFiles%\TrustNinja Software\TrustNinja\data.bin
7 %Documents and Settings%\All Users\Start Menu\Programs\TrustNinja\2 Homepage.lnk
8 TrustNinja
9 %ProgramFiles%\TrustNinja Software\TrustNinja
10 %Documents and Settings%\All Users\Start Menu\Programs\TrustNinja\1 TrustNinja.lnk
11 %Program Files%\TrustNinja Software
12 %Documents and Settings%\All Users\Desktop\TrustNinja.lnk
13 %ProgramFiles%\TrustNinja Software\TrustNinja\license.txt
14 %Documents and Settings%\All Users\Start Menu\Programs\TrustNinja\3 Uninstall.lnk
15 %ProgramFiles%\TrustNinja Software
16 TrustNinja.exe 724,992 c9f6764aede6c4384af2d50bf00e6da8
17 TrustNinjaSvc.exe 65,536 e92f901fb0a487d9aac6ae40b8e05d56

Registry Details

TrustNinja creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\TrustNinja
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “TrustNinja”
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc\Enum
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TrustNinja
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC\0000\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc\Security
HKEY_CURRENT_USER\Software\TrustNinja
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustNinjaSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TRUSTNINJASVC\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustNinjaSvc\Enum
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TRUSTNINJASVC

More Details on TrustNinja

The following URL's were found:
Tip: We recommend blocking the domain names as well as the IP addresses associated with them.
  • akeoqpxcer.com
  • probanitos.com
  • trustninja.com

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

One Comment

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.