drv.sys is worm Koobface
This is a harmful program.
It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum. |
Name: drv
Filename: drv.sys
Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DRV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | drv
Command: c:\program files\drv\drv.sys
Startup Type: driver, svchost
Combofix/RSIT Line:
R1 drvdrv;drvdrv;c:\program files\drv\drv.sys [7/1/2009 2:55 PM 9344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
drv REG_MULTI_SZ drv
Description: worm Koobface also known as Win32.Agent.auoy, Trojan-Dropper.Agent
How to remove: use Malwarebytes Antimalware
Leave a Reply