COOKIE_REVSCI
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Adware
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
Cookies may also be used by malware to gather information related to site preferences, sessions or other computer activities. For example, WORM_KOOBFACE makes use of cookies related to social networking sites, such as Facebook and Twitter, to allow the malware to post malicious links using the affected user's account credentials.
TECHNICAL DETAILS
Varies
No
30 Mar 2011
NOTES:
This tracking cookie arrives on a system as a dowloaded file from the Internet when a affected user visits the website, http://{BLOCKED}ci.net.
Note that tracking cookies (also known as data miners) are cookies used by two or more Web sites to track the affected user's Web browsing habits and display advertisement or other material the users might be interested in. Similar to adware, tracking cookies collect user information for third-party recipients.
Cookies may also be used by malware to gather information related to site preferences, sessions or other computer activities. For example, WORM_KOOBFACE makes use of cookies related to social networking sites, such as Facebook and Twitter, to allow the malware to post malicious links using the affected user's account credentials.
SOLUTION
8.900
Step 1
For Windows XP and Windows Server 2003 users, before doing any scans, please make sure you disable System Restore to allow full scanning of your computer.
Step 2
Scan your computer with your Trend Micro product to delete files detected as COOKIE_REVSCI If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Did this description help? Tell us how we did.