Trojan.AgentMB.VB
Trojan.AgentMB.VB is a mischievous computer trojan that enters your computer system without your knowledge through vulnerabilities or security program exploits. Trojan.AgentMB.VB is able to steal the private details and personal information such as bank details, passport details, credit card number etc. Trojan.AgentMB.VB usually blocks the Internet users from visiting legitimate websites and reroutes them to visit corrupt websites. By capturing most of the system resources, Trojan.AgentMB.VB can make your computer work slowly and ineffectively. Trojan.AgentMB.VB disguises itself so deeply in the background of the computer; that's why it becomes very difficult for the anti-virus software to detect and remove it. Remove Trojan.AgentMB.VB immediately from the computer system in order to keep your system free of virus.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Messenger\Messenger.exe 2 %ProgramFiles%\microsoft frontpage\microsoft frontpage.exe 3 %ProgramFiles%\Movie Maker\Movie Maker.exe 4 %ProgramFiles%\MSN Gaming Zone\MSN Gaming Zone.exe 5 %ProgramFiles%\MSN\MSN.exe 6 %ProgramFiles%\NetMeeting\NetMeeting.exe 7 %ProgramFiles%\Online Services\Online Services.exe 8 %ProgramFiles%\Outlook Express\Outlook Express.exe 9 %ProgramFiles%\Program Files.exe 10 %ProgramFiles%\Uninstall Information\Uninstall Information.exe 11 %ProgramFiles%\Web Publish\Web Publish.exe 12 %ProgramFiles%\Windows Media Player\Windows Media Player.exe 13 %ProgramFiles%\Windows NT\Windows NT.exe 14 %ProgramFiles%\WindowsUpdate\WindowsUpdate.exe 15 %ProgramFiles%\WinPcap\WinPcap.exe 16 %ProgramFiles%\xerox\xerox.exe 17 %Windir%\addins\addins.exe 18 %Windir%\AppPatch\AppPatch.exe 19 %Windir%\assembly\assembly.exe 20 c:\RECYCLER\RECYCLER.exe 21 c:\RECYCLER\S-1-5-21-606747145-764733703-839522115-1003\S-1-5-21-606747145-764733703-839522115-1003.exe 22 c:\System\System.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Boot file systemHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BrowserHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\CryptSvcHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\DcomLaunchHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\DhcpHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\DnsCacheHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\EventLogHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\File systemHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\FilterHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\HelpSvcHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LanmanServerHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LanmanWorkstationHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LmHostsHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\MessengerHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NDISHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NDIS WrapperHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NdisuioHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetBIOSHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmadminHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmboot.sysHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmio.sysHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmload.sysHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmserverHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ip6fw.sysHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ipnat.sys
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.