Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


koobface and andy144.exe

  • Please log in to reply
No replies to this topic

#1 Jayson201


  • Members
  • 208 posts
  • Gender:Male
  • Local time:07:26 PM

Posted 30 November 2010 - 01:56 PM

So, I was bored and decided to ... "stalk" my friends wall (I'm in love with the girl, I cant help but look at her facebook page...Im creepy...)
Somebody had posted a link, I instinctively had said to myself "Bull, It's gotta be an attempt to infect me with malware"
A I had said, I was bored. and I haven't had an infection on my laptop in, literally, months.
So I went to the website, and there was a "youtube video" (I instantly knew it was fake.) and then it said I needed to update my flashplayer, and a download window popped up. Again, I had instinctively smelled BS.
You're going to call me either stupid, inconsiderate, or ignorant, but....
I decided to download the fake flashplayer update.
I ran the "update" and my laptops screen shut off, and the hard drive slowed down, almost as if it had turned off too.
So I turned off my laptop, and restarted it. As soon as I logged in, Malwarebytes and Microsoft Security instantly nailed the koobface worm. I let Microsoft remove it first. Microsoft deserves more glory than its getting ;)
After removing the koobface worm/trojan
(Mbam called it a worm, Microsoft called it a trojan...Trojans and worms arent too far apart in definition, if I remember correctly)
MSE informed me of andy144.exe. I googled it, and found nothing on andy144.exe so I sent it into Microsoft, like MSE asked me to do.
Im 100% sure if it's malicious and 75% sure it's still on my laptop.
I'm going to do a scan with both MSE and Mbam.....
In the meantime, I'd like to know what kind of damage the koobface worm and the andy***.exe strains do. (* being any number, in my case 144)

I would have posted this somewhere else, but this part of the forum is the most on topic part for me to ask.
Please and thank you.


I did the scan with Mbam, 6 found, All KoobFace. 4 were worms, and 2 were traces. Turns out Andy144.exe is an extension of koobface.
Still don't know why koobface is so significant, All I know is that people are complaining about it.

Edited by ComputerTalk-Jayson, 30 November 2010 - 03:13 PM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users