msvbdll.pif - Dangerous
msvbdll.pif
Manual removal instructions:
Antivirus Report of msvbdll.pif:
msvbdll.pif
Worm W32.Aimdes.A@mm.
MsVBdll spreads via e0mail and AOL Instant Messenger.
Adds the value:
"MsVBdll" = "%Windir%\MsVBdll.pif"
to the Windows startup registry keys.
Adds the registry entries:
"FirewallDisableNotify" = "1"
"UpdatesDisableNotify" = "1"
"AntiVirusDisableNotify" = "1"
to the following registry keys
HKEY_CURRENT_USER\Software\Microsoft\security center
HKEY_LOCAL_MACHINE\Software\Microsoft\security center
to lower computer security.
MsVBdll adds:
"DisableTaskMgr" = "1"
"DisableRegistryTools" = "1"
to the registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Policies\System
to disable access to the Windows Task Manager and registry editing tools.
MsVBdll adds the registry entry:
"NoAutoUpdate" = "1"
to the registry key
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU
to disable Windows Update.
MsVBdll deletes the following registry key if present:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\
CurrentVersion\Run\"Windows" = "Auto Update.exe"
MsVBdll tries to copy itself to:
A:\homework.exe
Kills the system processes:
* svchost.exe
* lsass.exe
It will break network connections.
| msvbdll.pif | Malware |
| msvbdll.pif | Dangerous |
| msvbdll.pif | High Risk |
MsVBdll spreads via e0mail and AOL Instant Messenger.
Adds the value:
"MsVBdll" = "%Windir%\MsVBdll.pif"
to the Windows startup registry keys.
Adds the registry entries:
"FirewallDisableNotify" = "1"
"UpdatesDisableNotify" = "1"
"AntiVirusDisableNotify" = "1"
to the following registry keys
HKEY_CURRENT_USER\Software\Microsoft\security center
HKEY_LOCAL_MACHINE\Software\Microsoft\security center
to lower computer security.
MsVBdll adds:
"DisableTaskMgr" = "1"
"DisableRegistryTools" = "1"
to the registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Policies\System
to disable access to the Windows Task Manager and registry editing tools.
MsVBdll adds the registry entry:
"NoAutoUpdate" = "1"
to the registry key
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU
to disable Windows Update.
MsVBdll deletes the following registry key if present:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\
CurrentVersion\Run\"Windows" = "Auto Update.exe"
MsVBdll tries to copy itself to:
A:\homework.exe
Kills the system processes:
* svchost.exe
* lsass.exe
It will break network connections.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.