Net-Worm.Win32.Koobface.eyf
Net-Worm.Win32.Koobface.eyf is a complex network-aware worm that spreads by replicating across existing networks. Net-Worm.Win32.Koobface.eyf can hijack the web browser to change the homepage, and also has the ability to change security settings on the PC. The Net-Worm.Win32.Koobface.eyf infection is accompanied by a variety of threats which include a program that downloads files to the local computer and a keylogger program that can capture all user keystrokes. Net-Worm.Win32.Koobface.eyf also produces a code with rootkit-specific techniques designed to hide malicious software in the system, and a hacktool for hackers to access the PC. Use a proven malware remover to remove all the threats associated with Net-Worm.Win32.Koobface.eyf.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\captcha.dll 2 %ProgramFiles%\webserver\webserver.exe 3 %System%\drivers\fio32.sys 4 %System%\fio32.dll 5 %Temp%\129406.jpg 6 %Temp%\zpskon_1265782585.exe 7 %Temp%\zpskon_1265791546.exe 8 %Windir%\01011201014610799.xxe 9 %Windir%\010112010146114101.xxe 10 %Windir%\01011201014650115.xxe 11 %Windir%\bk23567.dat 12 %Windir%\fdgg34353edfgdfdf 13 %Windir%\freddy100.exe 14 %Windir%\ld16.exe 15 %Windir%\pp14.exe 16 %Windir%\rdr_1265780342.exe 17 %Windir%\rdr_1265780353.exe 18 %Windir%\rdr_1265780433.exe 19 %Windir%\rdr_1265780445.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.