Max Secure Software: Encyclopedia

Home / Spyware Encyclopedia / IM.VB << Back

Recommendation to Automatically remove IM.VB

Our products can remove IM.VB and thousands of other Virus and Spyware automatically and instantly.

IM.VB Details

Category IM
Discovered 2/9/2009 1:45:33 PM
Modified 7/14/2023 12:15:34 PM
Threat Level High
Category Description
A threat that is capable to cause Denial-Of-Service attacks against other instant messenger client systems.

The following Files were created:

VALUE	FILESIZE	COMPANYNAME	VERSION	SIGNATURE
8827BF6D.EXE	1052672	ghostin	1.00	86bc814bc2a0141b93e8de14e8def1b5
D344C3E4.EXE	1056768	ghostin	1.00	4c65b77be0b9ddcdf23b790ee4e242ce
F2018ACF.EXE	1056768	ghostin	1.00	42b4a519dcde037f7aece646b386e63c
Trojan-Dropper.Win32.StealthBat.exe	114688	Faceless Wonder	1.0.0.0	29e33f2b38dbdee462a8af706cd9870e
5E94B588.EXE	163880	America Online	1.0.0.0	ad39a11496c4cc2a3e84a09c1c518eca
E108D377.EXE	109126	America Online	1.0.0.0	96b68f79efcab285fabbbad3c952d95d
E2C07C30.EXE	163880	America Online	1.0.0.0	7bfc3571cf878d4d9544db7d8a717a8e
E2D5F6C2.EXE	289456		1.0.0.0	728fdcbd9eee0f4bf5b9b875673c6a7e
2A89C477.EXE	29676		1.0.0.0	5fb22af612ac44501090073865fc11d2
wsys.dll	49153			f55a09473bb1c5b7c33d19574adbb4dd

The following Registry Entries were created:

..\Software\Microsoft\Mrv3\(Default)

..\Software\Microsoft\Windows\CurrentVersion\Run\\"wsys"\"%PF%\STARo\wsys.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows Spooler"\"%ROOT%\WINNT\spooler.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"Services"\"%WIN%\svchost.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"RunWin32"\"%WIN.SYS32%\RunWin32.exe"

..\Software\Microsoft\Msdrv\(Default)

..\Software\Microsoft\Active Setup\Installed Components\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E2851929}\(Default)

..\Software\Microsoft\Active Setup\Installed Components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E9941929}\(Default)

..\Software\surfsidekick2\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Recommendation to Automatically remove IM.VB

IM.VB Details

Useful Links