Worm:Win32/Vobfus.AD
Worm:Win32/Vobfus.AD is a malicious computer worm that creates autorun.inf to allow secret drives autoplay. Worm:Win32/Vobfus.AD is able to slow down your system and make it work weirdly. Worm:Win32/Vobfus.AD tries to copy itself via networks or security tools vulnerability. Worm:Win32/Vobfus.AD will try to propagate by sending a link that involves a malicious download to all the users email contacts. Worm:Win32/Vobfus.AD is one of the Windows illegitimate malicious programs which may take over system resources.
File System Modifications
- The following files were created in the system:
# File Name 1 %Temp%\winfkjk.exe 2 %UserProfile%\buoufo.exe 3 c:\autorun.inf 4 c:\tymrtg.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ApcrmkehHKEY_CURRENT_USER\Software\Apcrmkeh\-72398023HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]UacDisableNotify = 0x00000001HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AMSINT32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AMSINT32\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVERHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amsint32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amsint32\Security
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.