WinRAR 5.2 msi and WinRAR 5.11 Final, which explains why so many users do not know that they have allowed Trojan.Redirector to enter their computers. In the case of Trojan.Redirector, it seems that it might take the name of a seemingly reliable application, e.g. It has been found that they might find different ways to enter systems, but they always do that secretly. It is always a bad idea to allow a Trojan infection to enter the computer. Therefore, you should hurry to remove this Trojan from the system and, in the meantime, ignore those advertisements. It has been found that these ads look quite harmless however, in reality, they might redirect you to bad web pages quickly. Speaking generally, Trojan.Redirector acts like this to ensure its persistence on the system.Īll these banners, pop-up ads, and sponsored search results which you will see if you keep Trojan.Redirector on your computer are not only very irritating, but might also be dangerous. The infected computer starts with those scripts every time. In addition, scripts reset.txt and update.txt are placed in %COMMONPROGRAMFILES(x86)% and %COMMONPROGRAMFILES%. In order to be able to reset proxy with every system restart, it creates its own Task in the Tasks folder %WINDIR%\System32\Tasks or %WINDIR%\Tasks, depending on the version of your Windows OS. Even though you change those settings, Trojan.Redirector will set its own settings after the computer restart again. Of course, Trojan.Redirector does not need to get your permission to carry out those modifications.Īt first glance, it might seem to be easy to uncheck boxes and delete the Address line in the Local Area Network (LAN) Settings panel however, it is not true. On top of that, two options Automatically detect settings and Use automatic configuration script will be enabled. You will see the URL from the Value data in the Address line. it might enter the URL there, you will notice changes in the Local Area Network (LAN) Settings panel too. If it has already changed the Value data, e.g. It has been found that it, first of all, changes the Value data of the Value AutoConfigURL which can be found by following this path \SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS. In order to be able to redirect traffic, Trojan.Redirector makes several changes on the infected computer. It is especially true if you cannot find an ad-supported application responsible for the presence of these ads on your computer. It seems that it has already infected 900 000 IPs worldwide, so the presence of irritating ads on your screen might really indicate that there is Trojan.Redirector hiding on your computer. Research has shown that Trojan.Redirector is quite an old infection, but it is still prevalent. They just see a bunch of irritating commercials, they might notice such a message as Waiting for proxy tunnel in the status bar of the default browser, and, finally, the search tool they use might need more time to display the search results. Of course, users do not get anything good from that. It is very likely that it works like this to help cyber criminals to earn some money from online advertising. There is, of course, a particular reason why this computer infection acts like that. Google and Yahoo! with unreliable search results (usually sponsored search results) in order to redirect traffic. According to specialists at, this Trojan might even replace the search results provided by popular search engines, e.g. Trojan.Redirector is a serious computer infection that enters computers with an intention of setting proxy on the Internet Explorer browser and then showing irritating advertisements, banners, and pop-ups.
0 Comments
Leave a Reply. |