TrustToolbar

TrustToolbar Plug-in is a free browser enhancement that integrates seamlessly into Internet Explorer. It provides with a trusted, safe and easier way to surf the web. It also ensures always know who is really behind a website. It is a group of buttons which perform common tasks. A toolbar for Internet Explorer is normally located below the menu bar at the top of the form. Toolbars may be created by Browser Helper Objects. It is a component that Internet Explorer will load whenever it starts, shares IE's memory context, can perform any action on the available windows and modules. A BHO can detect events, create windows to display additional information on a viewed page, monitor messages and actions. Microsoft calls it 'a spy we send to infiltrate the browser's land.' BHOs are not stopped by personal firewalls, because they are seen by the firewall as browser itself. Some exploits of this technology search all pages view in IE and replace banner advertisements with other ads. Some monitor and report on our actions. Some change our home page.0

General information:

Malware Name:	TrustToolbar
Malware Type:	Toolbar
Company Name:
Company URL:	http://www.trusttoolbar.com/
Threat Level:	High Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation.

Company Description:

TrustToolbar is a software application that provides additional navigability, security and trust functionality to Microsoft Internet Explorer browser. It is so called because it helps create a trusted Internet environment using a toolbar (and underlying technology), and because it 'plugs in' to browser. Once installed browser is enhanced to provide a secure interface that makes surfing easier and transactions safer. TrustToolbar has been developed to translate the physical world intellectual property rights (IPR) to the online world. IPR have existing for decades in the physical world protecting such rights as trademarks, brand names, company names, product names, etc. We may not even realise it, but it all rely on and use IPR every day of its lives. Every time it look in the yellow pages, or see an advert on television it being exposed to an infrastructure that is protected by IPR.

Spyware Description:

TrustToolbar Plug-in is a free browser enhancement that integrates seamlessly into Internet Explorer. It provides with a trusted, safe and easier way to surf the web. It also ensures always know who is really behind a website. It is a group of buttons which perform common tasks. A toolbar for Internet Explorer is normally located below the menu bar at the top of the form. Toolbars may be created by Browser Helper Objects. It is a component that Internet Explorer will load whenever it starts, shares IE's memory context, can perform any action on the available windows and modules. A BHO can detect events, create windows to display additional information on a viewed page, monitor messages and actions. Microsoft calls it 'a spy we send to infiltrate the browser's land.' BHOs are not stopped by personal firewalls, because they are seen by the firewall as browser itself. Some exploits of this technology search all pages view in IE and replace banner advertisements with other ads. Some monitor and report on our actions. Some change our home page.0

Characteristics/Symptoms:

    -> It has a search function and provides search results for paid advertisers -> Track browsing habits -> Adds a third-party utility bar to the web browser -> Changes browser -> Shows Advertisements0

Additional information might be found here:

	Search at Google for TrustToolbar
	Search at Bing for TrustToolbar
	Search at Yahoo for TrustToolbar

Processes Running:

TTBSETUP.exe

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\WINDOWS\system32\TTBSREB.DLL	284	Application Extension
C:\WINDOWS\system32\WVO_CTRL.exe	36	Application
C:\WINDOWS\system32\WVO_UTIL.DLL	69	Application Extension

Folder information Created after Installation:

Folder Location

Registry information Created after Installation: