Trojan.VBS.Starter.eq
Trojan.VBS.Starter.eq is a Trojan horse that hides in a local computer or network and downloads malicious files that may represent a high security risk.
Trojan.VBS.Starter.eq may also program the computer to display fake alerts in order to persuade users to purchase rogue anti-spyware programs. Trojan.VBS.Starter.eq penetrates the system without the user's knowledge or permission. Trojan.VBS.Starter.eq redirects the homepage and can easily contact a remote server to download other harmful parasites onto the infected computer from corrupt webisites. Other symptoms for Trojan.VBS.Starter.eq include the computer screen flipping upside down or inverting and documents or messages printing by themselves. For the safety of your computer, Trojan.VBS.Starter.eq should be removed immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\WinH11.exe 2 %System%\WinH12.exe 3 %Temp%\RarSFX0\ser.vbs 4 %Temp%\RarSFX0\Ser11.exe 5 %Temp%\RarSFX0\Ser12.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows Script HostHKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\SettingHKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINHE11HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINHE11\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINHELP12HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINHELP12\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHe11HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHe11\SecurityHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHelp12HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHelp12\SecurityHKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINHE11HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINHE11\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINHELP12HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINHELP12\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinHe11HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinHe11\SecurityHKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinHelp12HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinHelp12\Security
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.