W32.Extrat
W32.Extrat is a worm that proliferates by creating copies of itself on removable drives and P2P file-sharing networks. W32.Extrat opens a back door on the infected computer system and steals information from the victim. W32.Extrat is connected with the remote access tools (RATs) called 'Spy-Net RAT' and 'Xtreme RAT'. When activated, W32.Extrat creates the particular file on the affected PC. W32.Extrat then creates the specific registry entry so that it can launch automatically whenever you boot up Windows. W32.Extrat enables cybercriminals to connect to a control server on TCP, create an HTTP proxy, log keystrokes, and make other harmful activities. W32.Extrat may embed itself into 'iexplore.exe', or any other process, which can be customized. W32.Extrat then proliferates further by creating copies of itself onto shared folders.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Windir%\installdir\server.exe |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.