WORM_KOOBFACE.IT
WORM_KOOBFACE.IT uses social engineering methods to lure users to perform certain actions for malicious purposes. WORM_KOOBFACE.IT uses Facebook and a fake YouTube page as platforms to spread. WORM_KOOBFACE.IT is dropped by other malware or may be downloaded unknowingly by a user when visiting malicious websites. WORM_KOOBFACE.IT drops a copy of itself and connects to certain URLs to send system information and receive commands. Once connected to the servers, the hackers may perform commands on the affected machine. The received commands may include downloading of other malicious files from the remote server. Remove WORM_KOOBFACE.IT using a reliable anti-virus program before it wreaks havoc on your system.
File System Modifications
- The following files were created in the system:
# File Name 1 %Windows%\bill102.exe 2 %Windows%\bk23567.dat
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\HKEY..\..\..\..{RegistryKeys}Windows\CURRENTVERSION\Runsysfbtray = "%Windows%\bill102.exe"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.