How to remove worm W32.Koobface.C ?


Computer worm W32.Koobface.C passes or downloaded through compromised Twitter account. Once executed the computer worm searches for cookies related to social networking sites, if found it modifies settings to add malicious site links in users profile. This computer worm is getting into the system in the form of Video codec by displaying fake alert message to install missing Video Codec. Then worm connects to remote site and notify attacker about new installation.

How to remove worm W32.Koobface.C ?

1. Perform standard procedure for virus removal
** Standard procedure for virus removal.

2. Delete these registry values added by the worm.
** How to edit registry ?

KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"systwtray" = "%Windir%\twitty[TWO DIGIT NUMBER].exe"


Source: http://www.symantec.com/norton/security_response/writeup.jsp?docid=2009-071514-3245-99&tabid=1

Share/Bookmark
Ebugg-ed
Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

About This Site

Ebugg-i help you to learn and discover new technology, news, reviews, Tutorials, how to, threat alerts and other security
information, Network Testing tools. - www.mydigg.in

Our sites
http://network-speed.com
http://imygs.com

Blog Archive