
Net-Worm.Koobface!sd6

Posted: March 9, 2010

Net-Worm.Koobface!sd6 is a computer worm that shares characteristics with the W32.Koobface.B worm, which uses popular social networks to spread. The Koobface worm is very deceptive and clever because it uses ordinarily trustworthy messages left by "friends" on social networking sites. Once Koobface begins to run, it configures itself to run automatically whenever the system starts, checks for MySpace (Facebook, Twitter) cookies and, if it finds them, modifies your profile by adding links to malicious sites that contain the worm. Avoid clicking on funny video links from unknown MySpace, Twitter or Facebook users. Use updated anti-malware software to remove this worm from your system as soon as it is detected.

Aliases

Net-Worm.Win32.Koobface.cr (Kaspersky Lab)
W32/Koobfa-Gen (Sophos)
Win32/Koobface.worm.26112.N (AhnLab)

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Windir%\bolivar30.exe
    2 %Windir%\fm123.dat

Registry Modifications

  • The following Registry entries were newly created:
    HKEY..\..\..\..{Subkeys}
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/xhtml+xml]
    HKEY..\..\..\..{RegistryKeys}
      [HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current]
      [HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Default]
      [HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating]