Severity scale:  

Tinba. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as Trojan.Tinba, zusy | Type: Trojans

Tinba is a malicious Trojan horse, which steals personal and sensitive information from the compromised computer. This malicious parasite is able to add/remove files and folders, make registry changes and inject into other programs. Additionally it monitors and records network traffic information in the following file:

%SystemDrive%\Documents and Settings\All Users\Application Data\default\web.dat

Moreover, Tinba modifies Mozilla Firefox, to disable warnings when you’re visiting insecure sites. It also modifies system registry to be able to execute every time Windows starts. It will inject malicious code to Internet Explorer, Google Chrome and Mozilla Firefox. Then it injects itself to explorer.exe and svchost.exe processes, and tries to end them.

Trojan Timba has another name – Zusy. Timba is famous for its really small size. Including all webinjects and configs it weights only 20kb. It comes without any packing or encryption. Trojan Tinba (Zusy) belongs to the completely new family of malware, security experts believe that we will see more activity from this family this year. The first ones who discovered this trojan were CSIS Security Group A/S. The name was shortened from the words “Tiny Banker” – Tinba. This is a trojan which hooks into browsers and steals all sensitive data, including but not limited to logins and credit card numbers. Trojan is not detected by most antivirus software.
Trojan timba uses really sneaky techniques, it infects itself into legitimate processes like explorer.exe, svchost.exe, firefox.exe also it creates process called winvert.exe. It target very small list or sites, moslty financial websites.

Here’s a list of command-and-control (C&C) servers, to which Tinba tries to send the stolen information:

  • [http://]
  • [http://]
  • [http://]
  • [http://]
  • [http://]
  • [http://]
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Tinba you agree to our privacy policy and agreement of use.
do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Tinba. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.
Press mentions on Reimage

Tinba manual removal:

Kill processes:

Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun"default" = "%SystemDrive%Documents and SettingsAll UsersApplication Datadefaultbin.exe"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZones3"1609" = "0"

Delete files:
%SystemDrive%Documents and SettingsAll UsersApplication Datadefaultbin.exe

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions