|
|
Remove Feebs |
|
Feebs is a worm that spreads through file sharing networks using popular peer-to-peer clients. Once executed, the parasite installs itself to the system and runs a spreading routine. It creates infected files with meaningful names in all shared folders it finds in the compromised system. Then it runs a payload. Feebs terminates running antiviruses, firewalls, anti-trojan tools and other security-related programs and prevents them from loading on next system startup. The worm also disables the Windows Firewall and deletes few system files. In some cases it may collect certain passwords, account details and e-mail addresses. Feebs automatically runs on every Windows startup. Feebs manual removal:Kill processes:command.exe, ms[X].exe, ms[X]32.exe, web.exe, websetup.exe Delete registry values: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ms[X] HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall=0 HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall=0 HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall=0 HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall=0 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\web=[site address] Delete files: command.exe, ms[X].exe, ms[X]32.exe, web.exe, websetup.exe Misc: [X] is a set of random characters. [site address] is an address of a web site on the popcapfree.t35.com domain. Exact file location: command.exe, web.exe - C: ms[X].exe, ms[X]32.exe - C:\Windows\System, C:\Windows\System32 or C:\Winnt\System32 websetup.exe - inside Zip archives that the worm distributes through file sharing networks
|
|
||||||
Previous: Feebs.b Next: Fear Trojan |
|||||||
| | 1-9 | O | P | Q | R | S | T | U | V | W | X | Y | N | M | L | A | B | C | D | E | F | G | H | I | J | K | Z | |||||||
Copyright ©
SpywareDot 2004-2009| Spyware Removal. All rights reserved. |
|||||||