Remove the AdKoob Malware — a Facebook Stealing Hybrid Trojan/Hijacker Virus

The AdKoob malware is a hybrid Trojan and hijacker virus which has recently been discovered in a global attack campaign. It is distributed using various methods and features many modules that are executed following the infection. Our article gives a detailed overview of the infection process and a full removal guide on deleting the AdKoob malware and restoring the victim computers.

Threat Summary

Type: Browser Hijacker, Trojan
Short Description: The AdKoob malware features an extensive list of modules that are configured to steal user data and modify sensitive system settings.
Symptoms: The victims may not experience any apparent symptoms of infection.
Distribution Method: Freeware Installations, Bundled Packages, Scripts and others.

AdKoob Malware – Distribution Methods

The research into the AdKoob malware began when security experts detected suspicious behavior by a legitimate Windows binary file (svchost.exe). During the investigation the experts were able to identify a new threat, resulting in AdKoob’s discovery. This clearly shows that there is an advanced delivery method used to spread the initial payloads leading to the infection. There are several possible scenarios for how this can be achieved.

The first method is the coordination of spam email campaigns that utilize various phishing techniques. A typical message includes design elements taken from famous companies or Internet services, attempting to coerce the victim users into interacting with the malicious element. The AdKoob malware payload file can be either attached or linked in the body contents.

The other strategy is to create fake download sites that are used to host the malicious instances. Usually virus files that contain the AdKoob malware come in the form of infected payloads. Two main types are the following:

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: