Trojan.Peacomm.D

Trojan.Peacomm.D can collect system information and email contacts from the infected computer. It arrives on the system as packed executable files such as sony.exe and halloween.exe. It can reduce security settings on the compromised PC by ending security-related programs. Trojan.Peacomm.D may register the computer as a peer in file-sharing networks and open its files to the public. The backdoor port it creates allows a remote attacker to gain access to the affected computer.

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Windows Vista

Technical Details and Additional Information:

What can Trojan.Peacomm.D do to an infected system?
- This Trojan uses rootkit techniques to hide its running process.
- It ends processes related to anti-virus programs.
- It can disable drivers that it finds to be related to security software.

Malicious Files Added by Trojan.Peacomm.D
halloween.exe
sony.exe
%Windir%\noskrnl.exe
%System%\noskrnl.sys

Associated Windows Registry Entries:
HKEY_CURRENT_USER\Microsoft\Windows\Current Version\Run\"noskrnl" = "%Windir%\noskrnl.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\noskrnl

Trojan.Peacomm.D – Removal

Removing Trojan.Peacomm.D Manually:
1. If using Windows ME or XP, disable System Restore to prevent the threat from restoring itself.
2. Update the virus definitions.
3. Reboot Windows in Safe Mode.
4. Run a full system scan and clean or delete all infected files.
5. Delete or modify any values added to the registry.
6. Exit the registry editor and restart Windows.
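
A read-only check for the file and registry indicators listed above, as an added example that is not part of the original write-up. The Run key path uses the standard per-user location `HKCU\Software\Microsoft\Windows\CurrentVersion\Run` (an assumption about which key the page's entry refers to), and searching the user profile for the two dropper names is also an assumption, since the page gives no folder for them.

```powershell
# Added example: read-only check for the Trojan.Peacomm.D indicators listed on this page.
# Nothing is deleted or changed; each row reports whether an indicator is present.

function New-Finding($Type, $Indicator, $Present, $Detail) {
    New-Object PSObject -Property @{
        Type = $Type; Indicator = $Indicator; Present = [bool]$Present; Detail = $Detail
    }
}

$findings = @()

# Files with a fixed location: %Windir% is the Windows folder, %System% the system folder.
$fixedFiles = @(
    (Join-Path $env:windir 'noskrnl.exe'),
    (Join-Path ([Environment]::SystemDirectory) 'noskrnl.sys')
)
foreach ($path in $fixedFiles) {
    $findings += New-Finding 'File' $path (Test-Path -LiteralPath $path) ''
}

# Dropper names: the page gives no folder, so searching the user profile is an assumption.
foreach ($name in 'halloween.exe', 'sony.exe') {
    $hits = @(Get-ChildItem -LiteralPath $env:USERPROFILE -Filter $name -Recurse -Force `
                  -ErrorAction SilentlyContinue | Where-Object { -not $_.PSIsContainer })
    $paths = ($hits | ForEach-Object { $_.FullName }) -join '; '
    $findings += New-Finding 'File' $name ($hits.Count -gt 0) $paths
}

# Run value: standard per-user Run key path (assumed to be the key the page's entry means).
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$runValue = (Get-ItemProperty -LiteralPath $runKey -Name 'noskrnl' `
                 -ErrorAction SilentlyContinue).noskrnl
$findings += New-Finding 'Registry value' "$runKey\noskrnl" ($null -ne $runValue) $runValue

# Services key listed on the page.
$svcKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\noskrnl'
$findings += New-Finding 'Registry key' $svcKey (Test-Path -LiteralPath $svcKey) ''

$findings | Select-Object Type, Indicator, Present, Detail | Format-Table -AutoSize -Wrap
```

Run it in Safe Mode (step 3) and again after the final restart to confirm that every row reports `False`.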

Anti-virus Tools

Online Virus Scanner:
An online virus scanner provides scan and clean functions just like any anti-virus software, without the need to install an additional AV product. Perform a thorough scan with a free online virus scanner, which can be found on the web sites of legitimate security software providers.

Scan with Norton Power Eraser:
Norton Power Eraser is a virus removal tool created by Norton Antivirus to remove unfamiliar threats without using the traditional AV signatures. Download the tool and scan the computer for viruses.

What to do next...