77 KB Safe To Install
Specifications
License: Freeware (Free)
Downloads: 218
Platform: Windows All
Publisher: Sophos Plc
Website: Unknown
Publisher's Descriptions
Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms. They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.

Troj/CoreFloo-D is a backdoor Trojan which allows a remote intruder to access and control the computer from a remote location.

The Trojan arrives as an executable with a random filename consisting of 7 characters A-Z with an EXE extension.

When the installation executable is run on Windows 95, 98 or ME it drops a DLL to the Windows System folder with a filename consisting of 7 random characters A-Z with a DLL extension.

When the installation executable is run on Windows NT, 2000 or XP it drops the DLL as an ADS stream associated with the Windows System folder (typically System32). The new ADS stream will also have a random 7 character name with an extension of DLL.

The installation executable then launches the DLL component which adds its pathname to the following registry entry, so that it is run automatically each time Windows is started:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
= rundll32 %SYSTEM% .dll,Init 1

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
= rundll32 %SYSTEM% ,Init 1

The DLL component injects itself into the EXPLORER process making it invisible in the Task Manager process list.

The DLL queries hosts from a list in the Trojan body, using an HTTP POST request to a CGI script on the remote host, in order to receive parameters for further processing. The HTTP response contains various parameters for the backdoor built into the DLL, such as listening ports and other information.

Troj/CoreFloo-D also has anti-delete functionality which restarts viral processes that have been terminated and resets the above registry entries if they are removed.
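
The autostart entries described above can be hunted for by matching Run and RunOnce data against the traits the description gives: rundll32, a 7-letter DLL name hanging off the System folder, and the `,Init 1` argument. The Python below is an added example, not Sophos code; the exact value layout, the use of `\` for a file and `:` for the ADS case, and the sample entries are assumptions constructed for illustration.

```python
import re

RUN = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
RUNONCE = RUN + "Once"

# Assumed layout of the autostart data (the page's own text lost its placeholders):
#   rundll32 <System folder>\ABCDEFG.dll,Init 1    DLL dropped as a file (95/98/ME)
#   rundll32 <System folder>:ABCDEFG.dll,Init 1    DLL held in an ADS (NT/2000/XP)
PATTERN = re.compile(
    r"""^\s*"?rundll32(?:\.exe)?"?\s+   # launcher
        "?(?P<folder>.+?)               # folder the DLL is attached to
        (?P<sep>[\\:])                  # backslash = file, colon = ADS
        (?P<name>[A-Z]{7})\.dll"?       # 7 letters plus .dll
        \s*,\s*Init\s+1\s*$             # export and argument""",
    re.IGNORECASE | re.VERBOSE,
)
# The folder must be the Windows System folder (or the %SYSTEM% token).
SYSTEM_DIR = re.compile(r"(?:\\system(?:32)?|%system%)\\?$", re.IGNORECASE)


def suspicious_autoruns(entries):
    """entries: iterable of (key_path, value_name, data). Returns matching entries."""
    hits = []
    for key, value_name, data in entries:
        m = PATTERN.match(data)
        if m and SYSTEM_DIR.search(m.group("folder")):
            hits.append({
                "key": key,
                "value": value_name,
                "dll": m.group("name") + ".dll",
                "storage": "ads" if m.group("sep") == ":" else "file",
            })
    return hits


# Constructed sample data, not taken from a real host.
SAMPLE = [
    (RUN, "ctfmon", r"C:\WINDOWS\system32\ctfmon.exe"),
    (RUN, "QWERTYU", r"rundll32 C:\WINDOWS\system32:QWERTYU.dll,Init 1"),
    (RUNONCE, "HJKLZXC", r"rundll32 C:\WINDOWS\SYSTEM\HJKLZXC.dll,Init 1"),
    (RUN, "NvCpl", r"RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"),
]

if __name__ == "__main__":
    for hit in suspicious_autoruns(SAMPLE):
        print(hit)
```

Because the Trojan rewrites these entries when they are removed, a hit that reappears after deletion is a further indicator that the injected DLL is still running.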

Troj/CoreFloo-D can be removed from Windows computers automatically with the following Resolve tools:

Windows disinfector
CORFDGUI is a disinfector for standalone Windows computers. To use it you have to do the following:
· Open the CORFDGUI.com file from your desktop after downloading it.
· Click on the Start Scan Button.
· Wait for the process to complete.

Command line disinfector
CORFDSFX.EXE is a self-extracting archive containing CORFDCLI, a Resolve command line disinfector for use on Windows networks.
