Remove Feebs.j. Description and removal instructions
Once executed, Feebs.j silently installs itself to the system and runs a spreading routine. The worm sends malicious letters to all the addresses it finds on the compromised computer. It also creates infected files with meaningful names in shared folders of installed peer-to-peer programs. The parasite's payload is comprised of several harmful functions. Feebs.j collects user sensitive information including various passwords, account details and e-mail addresses, and transfers it to the attacker. The worm terminates running antiviruses, firewalls and other security-related programs and prevents them from running on system startup. It also cripples and disables most system services and shuts down the Windows Firewall. Furthermore, Feebs.j may run a hidden web server used to spread the infection. The parasite uses an integrated rootkit component, which injects malicious code into all active processes in order to hide the worm's files and registry entries. Feebs.j automatically runs on every Windows startup. Feebs.j properties: • Sends out logs by FTP or email • Connects itself to the internet • Hides from the user • Stays resident in background Automatic Feebs.j removal:remover for Feebs.j
Feebs.j manual removal:Kill processes:ms[X1].exe, userinit.exe Delete registry values: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\[filename] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CD5AC91B-AE7B-E83A-0C4C-E616075972F3} HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\mal HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\web HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall=0 HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall=0 HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall=0 HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall=0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[X4] Delete files: ms[X1].exe, userinit.exe, ms[X2]32.dll, ms[X3] Misc: [X1], [X2], [X3] and [X4] are four different strings comprised of random characters. Filenames may vary. Feebs.j creates randomly named registry keys. Exact file location: userinit.exe - C:\Recycled ms[X1].exe, ms[X2]32.dll, ms[X3] - C:\Windows\System, C:\Windows\System32 or C:\Winnt\System32 Other programs to remove Feebs.j:• Malwarebytes Anti Malware - Review - Download• Malwarebytes Anti Malware - Review - Download • Windows Defender - Review - Download Information added: 17/01/06 Information updated: 17/01/06 Additional resources related to Feebs.j:Attention: If you know or you have a website or page about Feebs.j removal, feel free to add a link to this list: add url
more resources Post Comment:Attention: Use this form only if you have additional information about Feebs.j parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
|
Latest spyware news:
 Rogue security applications impersonate leading anti-virus manufacturers Attack of Waledac Worm is schedulled on July 4 Another Parasite Attack Spreads Via Twitter Free security product vets Twitter links Mac trojan targets game sites to infect users Security Threat at Fanny Mae Some web sites to avoid for today British Government will track all e-mail's YOUR SISTER NAKED LOLZ com “intervalhehehe” popupSubscribe to news 
Similar parasites:
|
FORUM:
HELP:
