Trojan is a general term for malicious software that is installed under false or deceptive pretenses or is installed without the user's full knowledge and consent. Most Trojans exhibit some form of malicious, hostile, or harmful functionality or behavior.Trojan.Farfli can download and execute additional threat on the infected computer. It can also modify the Internet Explorer Start Page and change many settings related to online transaction and one such example would be the Affliate ID to get more profits through the clicks.
Takashi Katsuk from Symantec is under an investigation of Trojan.Farfli. He Says" Trojan has daily tasks that are closely related to updating Trojan.Farfli. We have seen Trojan.Farfli updated three times a day on average and sometimes as much as seven times a day, and the total number of variants has reached more than 300 since July. In comparison, Trojans discovered around the same time have far fewer variants. For example, Trojan.Hachilem and Trojan.Srizbi have only 150 variants and 40 variants, respectively. Precisely speaking, because there are files dropped by this Trojan that are polymorphic there are hundred and hundred variants of this Trojan "
To read the complete report use the following link
http://www.symantec.com/enterprise/security_response/weblog/2007/11/trojan_writer_lusts_for_money.html
HOW TO REMOVE Trojan.Farfli:
1. Temporarily Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Reboot computer in SafeMode
4. Run a full system scan and clean/delete all infected file
5. Delete/Modify any values added to the registry. [Take extream caution when editing the registry- Use this only if you are tech savy]
Navigate to and delete the following entries:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_[random 1] HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_[random 2] HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\[random 1] HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\[random 2] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_[random 1] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_[random 2] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[random 1] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[random 2] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IE4\"Main"= [random]
6. Exit registry editor.
7. Delete the Web sites added to the Internet Explorer Favorites menu.
a) Start Microsoft Internet Explorer
b) Click Favorites > Organize Favorites
c) Delete the Favorites added by the risk: http://www.6781.com/?001
8. Restore the default settings in Internet Explorer. [how to]
9. Restart the computer.
Ensure you have Norton Internet Security installed in your computer to be confident and safe in this connected world.
Support us by making a link back to this post or simply bookmark this post for us. |
0 comments on "Trojans can use your Affliate I-D | An Exclusive report -Takashi Katsuki"
Subscribe in a Reader
Post a Comment