Is your computer infected with Trojan.AgentMB.VB? This step-by-step guide can help you safely and quickly remove Trojan.AgentMB.VB. If you have any problem during the removal process, please contact Tee Support agents 24/7 online for more detailed instructions.

Trojan.AgentMB.VB Description

Trojan.AgentMB.VB is determined by Tee Support Labs as malicious worm. Trojan.AgentMB.VB is able to set the infected computer drive to autoplay by creating autorun.inf file in its root directory. If that drive is shared across the network then other remote computers can be infected if they try to access this share. What’s worse, Trojan.AgentMB.VB can create an executable file in the fake Recycle Bin folder to conceal its presence in the system. If you find your computer cannot boot in safe mode, that means your SafeBoot registry key(s) has already been infected. Trojan.AgentMB.VB is a highly dangerous worm to break up a system, once detected, Trojan.AgentMB.VB should be removed as soon as possible.

Trojan.AgentMB.VB has security threat shows in the following aspects

  1. Trojan.AgentMB.VB often infect computer without your permission at the background.
  2. Trojan.AgentMB.VB allow hacker remotely access to the computer.
  3. Trojan.AgentMB.VB can spread via network if the infected drive is shared at the network.
  4. Your antivirus software (Ikarus) may alert you to get rid of this infection Trojan.AgentMB.VB.

Trojan.AgentMB.VB Step-by-Step Removal Instructions

1)The associated processes of Trojan.AgentMB.VB to be stopped are listed below:

All Users.exe
Default User.exe
Documents and Settings.exe
LocalService.exe
NetworkService.exe
back_qxd.exe

2)The associated files of Trojan.AgentMB.VB to be deleted are listed below:

c:\Autorun.inf
%AllUsersProfile%\All Users.exe
%Profiles%\Default User\Default User.exe
%Profiles%\Documents and Settings.exe
%Profiles%\LocalService\LocalService.exe
%Profiles%\NetworkService\NetworkService.exe
%Temp%\Virus Sample\av_clients_32-bit.exe
%Temp%\Virus Sample\back_qxd.exe
%Temp%\Virus Sample\j back.exe
%Temp%\Virus Sample\Virus Sample.exe
%UserProfile%\%UserName%.exe
c:\Inetpub\Inetpub.exe
c:\Inetpub\wwwroot\wwwroot.exe
%ProgramFiles%\Adobe\Adobe.exe
%ProgramFiles%\Common Files\Common Files.exe
%ProgramFiles%\ComPlus Applications\ComPlus Applications.exe
%ProgramFiles%\Internet Explorer\Internet Explorer.exe
%ProgramFiles%\Messenger\Messenger.exe
%ProgramFiles%\microsoft frontpage\microsoft frontpage.exe
%ProgramFiles%\Movie Maker\Movie Maker.exe
%ProgramFiles%\MSN\MSN.exe
%ProgramFiles%\MSN Gaming Zone\MSN Gaming Zone.exe
%ProgramFiles%\NetMeeting\NetMeeting.exe
%ProgramFiles%\Online Services\Online Services.exe
%ProgramFiles%\Outlook Express\Outlook Express.exe
%ProgramFiles%\Program Files.exe
%ProgramFiles%\Uninstall Information\Uninstall Information.exe
%ProgramFiles%\Web Publish\Web Publish.exe
%ProgramFiles%\Windows Media Player\Windows Media Player.exe
%ProgramFiles%\Windows NT\Windows NT.exe
%ProgramFiles%\WindowsUpdate\WindowsUpdate.exe
%ProgramFiles%\WinPcap\WinPcap.exe
%ProgramFiles%\xerox\xerox.exe
c:\RECYCLER\RECYCLER.exe
c:\RECYCLER\S-1-5-21-606747145-764733703-839522115-1003\S-1-5-21-606747145-764733703-839522115-1003.exe
c:\System\System.exe
%Windir%\addins\addins.exe
%Windir%\AppPatch\AppPatch.exe
%Windir%\assembly\assembly.exe
%Windir%\Cache\Cache.exe
%Windir%\Config\Config.exe
%Windir%\Connection Wizard\Connection Wizard.exe
%Windir%\Cursors\Cursors.exe
%Windir%\Debug\Debug.exe
%DownloadedProgramFiles%\Downloaded Program Files.exe
%Windir%\Driver Cache\Driver Cache.exe
%Windir%\ehome\ehome.exe
%FontsDir%\Fonts.exe
%Windir%\Help\Help.exe
%Windir%\ime\ime.exe
%Windir%\inf\inf.exe
%Windir%\Installer\Installer.exe
%Windir%\java\java.exe
%Windir%\Media\Media.exe
%Windir%\Microsoft.NET\Microsoft.NET.exe
%Windir%\msagent\msagent.exe
%Windir%\msapps\msapps.exe
%Windir%\mui\mui.exe
%Windir%\Offline Web Pages\Offline Web Pages.exe
%Windir%\pchealth\pchealth.exe
%Windir%\PeerNet\PeerNet.exe
%Windir%\Provisioning\Provisioning.exe
%Windir%\Registration\Registration.exe
%Windir%\repair\repair.exe
%Windir%\Resources\Resources.exe
%Windir%\srchasst\srchasst.exe
%Windir%\system\system.exe
%System%\Com\LSASS.exe
%System%\system32.exe
%Windir%\Tasks\Tasks.exe
%Windir%\Temp\Temp.exe
%Windir%\twain_32\twain_32.exe
%Windir%\Web\Web.exe
%Windir%\WINDOWS.exe
%Windir%\WinSxS\WinSxS.exe
%Windir%\inf\safe.reg
%Windir%\repair\Sys
%Windir%\repair\System.vbs

3)The registry entries of Trojan.AgentMB.VBthat need to be removed are listed as follows (Take Note: Back up the Windows registry before editing it, so that you can quickly restore it later if something goes wrong.):

 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\AppMgmt
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Base
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Boot Bus Extender
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Boot file system
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\CryptSvc
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\DcomLaunch
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmadmin
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmboot.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmio.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmload.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmserver
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\EventLog
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\File system
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Filter
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\HelpSvc
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Netlogon
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PCI Configuration
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PlugPlay
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PNP Filter
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Primary disk
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\RpcSs
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\SCSI Class
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\sermouse.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\sr.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\SRService
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\System Bus Extender
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\vga.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\vgasave.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\WinMgmt
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\AFD
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\AppMgmt
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Base
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Boot Bus Extender
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Boot file system
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Browser
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\CryptSvc
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\DcomLaunch
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Dhcp
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmadmin
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmboot.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmio.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmload.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\dmserver
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\DnsCache
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\EventLog
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\File system
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Filter
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\HelpSvc
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ip6fw.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ipnat.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LanmanServer
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LanmanWorkstation
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\LmHosts
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Messenger
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NDIS
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NDIS Wrapper
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Ndisuio
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetBIOS
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetBIOSGroup
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetBT
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetDDEGroup
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Netlogon
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetMan
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Network
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NetworkProvider
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\nm
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\nm.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\NtLmSsp
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\PCI Configuration
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\PlugPlay
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\PNP Filter
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\PNP_TDI
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Primary disk
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\rdpcdd.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\rdpdd.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\rdpwd.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\rdsessmgr
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\RpcSs
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\SCSI Class
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\sermouse.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\SharedAccess
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\sr.sys
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\SRService
 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\Streams Drivers



Bookmark and Share
VN:F [1.9.18_1163]
Rating: 0.0/10 (0 votes cast)

Tee Support

Services | Review

Tee Support is an award-winning online tech service 24/7. Tee Support experts provide sophisticated manual solutions:

  • terminate latest, stubborn virus/spyware that an antivirus program can not!
  • specific solution for your specific system: Safe, Effective, Complete.
  • many more services covering various PC problems to meet your requirements.

A good spyware remover can safeguard your computer at real-time automatically. So, pick up one of your favorite to protect your system easily.

However, professional online technical support is highly recommended if you want a more specific, accurate and effective solution toward your specific issue in your specific computer system.

Malwarebytes Anti-Malware

Download | Review

Malwarebytes is one of the most popular and widely used anti-virus and malware-removal software applications for both home and corporate computer users alike.

Spyware Doctor

Download | Review

Award-winning Spyware Doctor with AntiVirus software protects your PC against privacy and tracking threats. Spyware Doctor with AntiVirus detects, removes and secures your PC from potential spyware, viruses, worms and tracking threats.

SpyHunter

Download | Review

SpyHunter is a powerful, real-time anti-spyware application designed to assist computer users in protecting their PC from trojans, rootkits and others.