Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
29 entries found. Displaying page 1 of 2.
Updated on Mar 03, 2009
Windows Defender Antivirus detects and removes this threat.
 
Win32/Koobface is a multi-component family of malware used to compromise machines and direct them in various ways at the attacker's will.
This could include using the affected machine to distribute additional malware, generate 'pay per click' advertising revenue, steal sensitive data, break captchas, and subvert the affected user's online experience.
Its components are varied, but include a worm that spreads by utilizing social networking sites such as Facebook and MySpace.
 
Alert level: severe
Updated on May 22, 2009
TrojanProxy:Win32/Koobface.gen!B is a generic detection for the proxy component of the Win32/Koobface family. It creates a proxy on an infected machine to redirect the users' Web browser.
Alert level: severe
Updated on Aug 20, 2009
TrojanProxy:Win32/Koobface.gen!F is a generic detection for the proxy component of the Win32/Koobface family. It creates a proxy on an infected machine to redirect the users' Web browser.
Alert level: severe
Updated on Sep 17, 2009
VirTool:WinNT/Koobface.B is a detection for the device driver component used by other malware to monitor and redirect network connections.
Alert level: severe
Updated on Nov 20, 2009
TrojanProxy:Win32/Koobface.gen!G is the generic detection for a DLL component of the Win32/Koobface family. It is installed as a system service and redirects the browser to an attacker-controlled server when certain legitimate Web sites are accessed.
Alert level: severe
Updated on Mar 12, 2010
VirTool:Win32/VBInject.DR is a detection for obfuscated Visual Basic compiled malicious code. The malicious code or file is usually encrypted and/or compressed, and is decrypted and decoded before it is injected into a process or dropped and executed.
Alert level: severe
Updated on Mar 19, 2010
Trojan:Win32/Oficla.M is a trojan that attempts to inject code into a running process to download a rogue security program identified as TrojanDownloader:Win32/FakeScanti. It may arrive as a spammed e-mail attachment to a message pretending to be a Facebook password reset.
Alert level: severe
Updated on Apr 26, 2010
TrojanProxy:Win32/Koobface.gen!J is the generic detection for a DLL component of the Win32/Koobface family. It is installed as a system service and redirects the browser to an attacker-controlled server when certain legitimate Web sites are accessed.
Alert level: severe
Updated on Apr 26, 2010
TrojanProxy:Win32/Koobface.gen!K is the generic detection for a DLL component of the Win32/Koobface family. It is installed as a system service and redirects the browser to an attacker-controlled server when certain legitimate Web sites are accessed.
Alert level: severe
Updated on Apr 28, 2010
VirTool:WinNT/Koobface.gen!E is a generic detection of a kernel-mode device driver component used by other malware to intercept and manipulate DNS queries, TCP/UDP connections, and other traffic. The malware can redirect DNS results and block network connections and traffic.
Alert level: severe
Updated on Aug 29, 2010
TrojanDropper:Win32/Koobface.N is the detection for the malware dropper component of certain members of the Win32/Koobface family. It drops and installs the proxy and driver components.
Alert level: severe
Updated on Sep 05, 2010
VirTool:WinNT/Koobface.gen!F is a detection for a driver component that is used by other malware to redirect TCP connections to specified addresses.
Alert level: severe
Updated on Nov 16, 2010
VirTool:WinNT/Koobface.P is a device driver used by variants of Win32/Koobface to divert web traffic to a web search hijacker component.
Alert level: severe
Updated on Nov 18, 2010
TrojanProxy:Win32/Koobface.AL is a trojan that hijacks web search results. When users click on a result, they are diverted to a third-party search engine that may not display correct search results.
Alert level: severe
Updated on Jan 28, 2011
Worm:Win32/Koobface.gen!G is a generic detection for various components used by the Win32/Koobface family. This malware family spreads via social networking sites and may download and install arbitrary files. Some of its components hijack web searches to generate pay-per-click revenue, install additional malware such as rogue security software, and may also steal sensitive information. Its components are varied, but include a worm that spreads by utilizing social networking sites such as Facebook and MySpace.
Alert level: severe
Updated on Aug 08, 2008
Worm:Win32/Koobface.A is a worm that may spread when a user logs into their profile account on the Internet social network sites 'MySpace' or 'Facebook'.
Alert level: severe
Updated on Feb 03, 2009
Worm:Win32/Koobface.I is a worm that spreads via Facebook, Friendster, and other social networking Web sites.
Alert level: severe
Updated on Mar 03, 2009
Worm:Win32/Koobface.gen!A is a generic detection for a worm spreads when a user logs into their profile account on the Internet social network sites 'MySpace', 'Facebook' and others.
Alert level: severe
Updated on Jun 30, 2009
Worm:Win32/Koobface.gen!C is a generic detection for worms that spread via social networking sites such as Facebook and MySpace.
Alert level: severe
Updated on Dec 15, 2009
Microsoft security software detects and removes this worm.
 
Worm:Win32/Koobface is a worm that spreads by posting messages, containing a link to the worm, to the pages of other contacts on social network sites such as Facebook.com.
The worm can download and run other malware that could include updates of the worm.
The worm can also display pop-up messages or windows that attempt to lure users to install rogue security software.
 
Alert level: severe