
Trojan.Win32.Refroso.chsg

Posted: March 2, 2011

Just what you'd think by looking at its name, Trojan.Win32.Refroso.chsg is a Trojan with the ability to download files to your system and then install them without so much as a warning. Besides this, Trojan.Win32.Refroso.chsg may also shut down security and Windows-centric programs, spy on your computer to send sensitive information to remote attackers and even disguise itself as another application. This Trojan has been identified as a very severe security threat, and the only proper response to its existence is to delete Trojan.Win32.Refroso.chsg utterly from your hard drive.

Hitching a Ride on Your Favorite Instant Messenger

Trojan.Win32.Refroso.chsg and its variants are known for marketing themselves as emoticon (smiling face graphic) generators for Yahoo's instant messaging application. Use extreme caution when downloading an emoticon generator or other IM-related application, and you may be able to dodge ever needing to know the right way to remove Trojan.Win32.Refroso.chsg before damage is done.

The true workings of Trojan.Win32.Refroso.chsg's code have little to do with its outer disguise. Trojan.Win32.Refroso.chsg's main purpose is to spy on your keyboard input, saved file information, passwords and the like. All confidential information Trojan.Win32.Refroso.chsg gets its hands on will be sent out to remote attackers to use for fraudulent charges, identity theft and other crimes.

What Else Trojan.Win32.Refroso.chsg Has in Store for You

Trojan.Win32.Refroso.chsg isn't restricted to just being a spy, and may cause any or all of the following:

  • Trojan.Win32.Refroso.chsg may download other malware onto your computer and run it without your consent. Other malware will make it progressively more difficult to delete Trojan.Win32.Refroso.chsg and the remaining infections, and can cause a wide variety of security and privacy issues.
  • Your registry may be corrupted by Trojan.Win32.Refroso.chsg to allow Trojan.Win32.Refroso.chsg to restore itself after being deleted and to let Trojan.Win32.Refroso.chsg run whenever Windows boots. Registry additions may be difficult to remove without expert knowledge or appropriate security programs, and can make dealing with Trojan.Win32.Refroso.chsg and other malware appropriately nearly impossible.
  • Your security programs and other necessary tools such as Task Manager, the Registry Editor and anti-virus scanners may all be blocked by Trojan.Win32.Refroso.chsg. Without access to these programs, you'll have no way to restore your computer to good health, making it only a matter of time before the damage becomes irreparable.

As a wicked trinity of Trojan, spy and security-disabler, this Trojan's presence is an incredible threat that shouldn't be underestimated. If you don't delete Trojan.Win32.Refroso.chsg the very minute Trojan.Win32.Refroso.chsg is found, your computer may suffer harm that you can't fix later.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %PROGRAM_FILES%\Trojan.Win32.Refroso.chsg
    2 %ProgramFiles%\system32
    3 %ProgramFiles%\system32\system.exe
    4 c:\Documents and Settings\All Users\Start Menu\Trojan.Win32.Refroso.chsg\
    5 c:\Documents and Settings\All Users\Trojan.Win32.Refroso.chsg\

Registry Modifications

  • The following Registry keys were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{580436CB-1895-C6A8-9B2C-905E98802114}
    HKEY_LOCAL_MACHINE\SOFTWARE\micrsoft
    HKEY_LOCAL_MACHINE\Software\Trojan.Win32.Refroso.chsg
    HKEY..\..\..\..{RegistryKeys}
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo
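
A read-only PowerShell check for the file and Registry indicators listed above, added here as an example and not taken from the original page or any vendor tool. For the Active Setup entry it also prints the StubPath value, which is the command Windows runs for that component at user logon. It assumes the page's %PROGRAM_FILES% placeholder means the %ProgramFiles% directory; a match is a lead to investigate rather than a verdict, since the page lists keys without saying which values were changed.

```powershell
# Added example: read-only lookup of the indicators listed on this page.
# Assumption: %PROGRAM_FILES% in the page's table is the %ProgramFiles% directory.
$pf = $env:ProgramFiles

$filePaths = @(
    (Join-Path $pf 'Trojan.Win32.Refroso.chsg'),
    (Join-Path $pf 'system32'),
    (Join-Path $pf 'system32\system.exe'),
    'C:\Documents and Settings\All Users\Start Menu\Trojan.Win32.Refroso.chsg',
    'C:\Documents and Settings\All Users\Trojan.Win32.Refroso.chsg'
)

$regKeys = @(
    'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{580436CB-1895-C6A8-9B2C-905E98802114}',
    'HKEY_LOCAL_MACHINE\SOFTWARE\micrsoft',
    'HKEY_LOCAL_MACHINE\Software\Trojan.Win32.Refroso.chsg',
    'HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo',
    'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo'
)

$results = @(
    foreach ($p in $filePaths) {
        [pscustomobject]@{
            Type      = 'File'
            Indicator = $p
            Present   = Test-Path -LiteralPath $p
            Detail    = ''
        }
    }
    foreach ($k in $regKeys) {
        $path    = "Registry::$k"
        $present = Test-Path -LiteralPath $path
        $detail  = ''
        if ($present -and $k -like '*\Active Setup\*') {
            # StubPath holds the command Active Setup launches at logon.
            $detail = (Get-ItemProperty -LiteralPath $path -ErrorAction SilentlyContinue).StubPath
        }
        [pscustomobject]@{
            Type      = 'Registry'
            Indicator = $k
            Present   = $present
            Detail    = $detail
        }
    }
)

# Show everything, then summarize the hits for triage.
$results | Format-Table -AutoSize -Wrap
$hits = @($results | Where-Object { $_.Present })
Write-Output ("{0} of {1} listed indicators present" -f $hits.Count, $results.Count)
```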

One Comment

  • Cherry says:

    It's in reality a nice and useful piece of information. I am glad that I was able to remove this Trojan after the 5th try searching Google. Thanks for assistance.
