Technical details:
Categories: Spyware
Employee.Watcher Folders:
c:\windowsupdate\ufp\ew7
Employee.Watcher Registry Keys:
HKEY_CLASSES_ROOT\clsid\{0468c950-83e2-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\clsid\{22b4c8f5-a686-42cc-8224-e4817445109f}
HKEY_CLASSES_ROOT\clsid\{8b8bb3a2-8576-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\clsid\{de5c2449-65d5-4413-bfcf-6bfcdf294665}
HKEY_CLASSES_ROOT\interface\{0468c94f-83e2-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{0468c951-83e2-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{3e3621c0-8635-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{8b8bb3a1-8576-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{8b8bb3a3-8576-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{ab14f05e-4c1d-49dc-8bd5-9e6b510b3eba}
HKEY_CLASSES_ROOT\interface\{b78b0e98-0431-4a6b-8c3d-f240fe8725f5}
HKEY_CLASSES_ROOT\interface\{d937a3c0-8634-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\interface\{f7c1a3fa-c511-488a-b583-4f153b9368c4}
HKEY_CLASSES_ROOT\typelib\{0468c933-83e2-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\typelib\{0468c941-83e2-11d3-be51-00c0dfc2e32c}
HKEY_CLASSES_ROOT\typelib\{1faa49c4-16b7-4d28-8930-31be1810d943}
Employee.Watcher Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Employee.Watcher indications of infection
This symptoms of Employee.Watcher detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
Fucoudbg Trojan Cleaner
SillyDl.CGI Trojan Cleaner
Removing SubSeven.Stop RAT
Pigeon.BBV Trojan Cleaner
Remove Brave Sentry Ransomware
No comments:
Post a Comment