Win32.MoonPie
Also Known as: Win32.MoonPie, Win32MoonPie, MoonPie
The author of the pleasant-sounding spyware program Win32.MoonPie is Simon Moon. He proudly named all of his infections after himself. As pleasant as these programs sound, they are nothing but trouble for your system. Created in June of 2001, Win32.MoonPie makes its way onto your system through various shareware and freeware programs. It may also attempt to infiltrate through a massive spam e-mail campaign. Difficult to detect by design, this infection runs secretly because it hides its processes and files.
AKA:
Backdoor.Win32.MoonPie.03
Backdoor.MoonPie.03
BackDoor-KO
BackDoor.MoonPie.3
Troj/Moonpie-03
Trojan:Win32/Moonpie.0_3
BKDR_MOONPIE.03
BDC/MoonPie.03.Cli
Win32:Trojan-gen.
BackDoor.Moonpie
Backdoor.MoonPie.0.3
Bck/MoonPie.03
Win32/Moonpie.03
Related Files:
editserver.exe
moonpie.exe
moonpie.nfo
readme.txt
server.exe
writetag.exe
[%RECYCLER%]\autorun.exe
[%SYSTEM%]\autorun3.exe
[%SYSTEM%]\KOfcpfwSvcs.exe
[%SYSTEM%]\OfcpfwSvcs.exe
[%DESKTOP%]\My Lockbox.lnk
[%PROGRAM_FILES%]\xerox\folderlockbox.exe
[%SYSTEM%]\drivers\mprifl.sys
[%SYSTEM%]\drivers\Yrfzvmec.sys
[%SYSTEM%]\Xubkmwau.d1l
[%SYSTEM%]\Xubkmwau.sys
[%SYSTEM%]\Yrfzvmec.d1l
Category:
Backdoor Trojan
Recommended Action:
Remove at once.
Manual removal can be painstaking and complicated. However, if you choose to do it, you must first stop all of the program's processes that are running in memory. This can be done from Task Manager. Then delete the registry values and remaining files related to the program. If you want to save yourself the headache, SpyZooka is a safer option. SpyZooka can eliminate all spyware hidden on your PC and its proprietary system can keep you protected from here on out.
It is so good to read things like this. Thanks to this post I was able to get rid of Win32.MoonPie. Great job!