Tuesday, January 27, 2009

Comforest Trojan

Removing Comforest
Categories: Trojan,Adware,Hijacker
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.
Comforest Also known as:

[Kaspersky]Trojan.Win32.Delf.cn;
[Other]ComforestDial,comforest dialer,W32/Delf.TWV
Visible Symptoms:
Files in system folders:
[%DESKTOP%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%PROGRAMS%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%SYSTEM%]\Winsystemas\fotoieri.EXE
[%WINDOWS%]\$hf_mig$\KB090545\semail.exe
[%WINDOWS%]\$hf_mig$\KB090545\semail.tpl
[%WINDOWS%]\$hf_mig$\KB090545\target.dat
[%DESKTOP%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%PROGRAMS%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%SYSTEM%]\Winsystemas\fotoieri.EXE
[%WINDOWS%]\$hf_mig$\KB090545\semail.exe
[%WINDOWS%]\$hf_mig$\KB090545\semail.tpl
[%WINDOWS%]\$hf_mig$\KB090545\target.dat

How to detect Comforest:

Files:
[%DESKTOP%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%PROGRAMS%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%SYSTEM%]\Winsystemas\fotoieri.EXE
[%WINDOWS%]\$hf_mig$\KB090545\semail.exe
[%WINDOWS%]\$hf_mig$\KB090545\semail.tpl
[%WINDOWS%]\$hf_mig$\KB090545\target.dat
[%DESKTOP%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%PROGRAMS%]\Club del Vizio - Foto Video Calendari - VM18.lnk
[%SYSTEM%]\Winsystemas\fotoieri.EXE
[%WINDOWS%]\$hf_mig$\KB090545\semail.exe
[%WINDOWS%]\$hf_mig$\KB090545\semail.tpl
[%WINDOWS%]\$hf_mig$\KB090545\target.dat

Folders:
[%SYSTEM%]\Winsystemp

Registry Keys:
HKEY_CURRENT_USER\software\freeware\{491a5872-c30f-4e54-8ff1-bf31cc73dc4b}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{1de8619d-8dd8-40ba-8a42-e1d12f119524}

Removing Comforest:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Spyboter.aq Backdoor
Delf.id Trojan Removal
Removing Pigeon.ACZ Trojan
SMEG.encrypted Trojan Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)