
Agentdoc.c

Posted: June 22, 2011

Agentdoc.c is a Trojan that installs malicious software on your PC without your consent. Rootkit-based techniques help Agentdoc.c avoid detection, although an initial Agentdoc.c attack may begin with the appearance of a Word document written in Chinese or Japanese. Agentdoc.c infections can record keystrokes and run whenever Windows starts. Because Agentdoc.c is a serious threat to both your privacy and your computer's security, you should delete it with an anti-malware application whenever you think it might be on your PC.

The Invisible Agentdoc.c Threat

Although Agentdoc.c was first seen in 2006 and may be incapable of infecting recent operating systems, it uses surprisingly sophisticated techniques to harm your computer. Agentdoc.c has been confirmed to attack Windows operating systems ranging from Windows 95 up to Windows XP, and can still present a dangerous hazard to PC security.

As a Trojan, Agentdoc.c's main purpose is to download and install other malicious applications onto your computer. However, most Agentdoc.c infections can escape notice by using rootkit-based techniques to hide themselves. Agentdoc.c will run as a service whenever Windows starts, but you may not see any Agentdoc.c memory processes or other observable signs of Agentdoc.c being active. This rootkit-based evasion can also hide Agentdoc.c's Windows Registry entries.

If you do manage to see an Agentdoc.c file, this file may use an icon similar to one that's used for standard Word documents. The icon in use doesn't necessarily determine the file type of the Agentdoc.c file.

Agentdoc.c's Keyboard-Spying Misadventures

Besides using rootkit components, Agentdoc.c will also install a keylogger. Keyloggers can record keyboard-based information such as keystrokes, usually in an attempt to gather passwords and other personal information. This information is stored on your PC in a local file, before Agentdoc.c sends it out to a remote criminal.

Agentdoc.c may also download and install other harmful programs, and uses .dll files to complicate its removal. To remove Agentdoc.c, you should use a trusted anti-virus program when such a program is available, with full threat database updates to ensure that all threats are detected. Using Safe Mode may also help you delete Agentdoc.c threats. If you delete Agentdoc.c manually, you may find your PC subjected to other errors while partial Agentdoc.c components are still on your hard drive.

Given the continuous activity and monitoring of Agentdoc.c, you should consider all private data on an infected computer to be vulnerable, until you've verified that Agentdoc.c is deleted.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 dbacf.exe
    2 icesword.exe
    3 nbsanovj.dll
    4 nbsanovj.drv
    5 nbsanovj.sys
    6 nbsanovj.tmp

Registry Modifications

  • The following Registry keys and values were created:
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NBSANOVJ
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sens\Parameters\ServiceDll=%System%\nbsanovj.dll
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nbsanovj
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_NBSANOVJ
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\nbsanovj
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NBSANOVJ
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sens\Parameters\ServiceDll=%System%\nbsanovj.dll
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nbsanovj