Troj/Agent-MSB

Category: Viruses and Spyware Protection available since:15 Mar 2010 21:45:39 (GMT)
Type: Trojan Last Updated:15 Mar 2010 21:45:39 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-MSB is a Trojan for the Windows platform.

Troj/Agent-MSB includes functionality to:

- run automatically
- create files in the <System> folder
- access the internet and communicate with a remote server via HTTP

Troj/Agent-MSB communicates via HTTP with the following locations:

checkwebspeed . net
imagehut4 . cn


When Troj/Agent-MSB is installed the following files are created:

<User>xplore.exe
<System>\exts4.exe

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
Run
BKVXVML

Registry entries are created under:

HKLM\SOFTWARE\zpppmcegc
HKLM\SOFTWARE
HKCU\Software\zpppmcegc
HKCU\Software

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy