Worm Kassbot, also known as Nanspy, spreads in local area networks. It infects PCs running vulnerable Windows version with unpatched security holes. Kassbot modifies essential computer settings to block access to certain web sites. It contacts predefined web servers to receive commands from the attacker and download updates. It also compromises other vulnerable network PCs. Kassbot is relatively easy to remove. It depends on a single executable located in the default computer folder and one registry entry.
File System Modifications
- The following files were created in the system:
# File Name 1 mmsvc32.exe
- The following newly produced Registry Values are:
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Kassbot may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.