Trojan-Downloader.Win32.VB.bj

tag:Trojan Downloaders

Once launched, the Trojan downloads files from the following URL:

http://w1.***.telia.com/~u46129234/xpnv.exe

At the moment of writing, this link was not working.

The downloaded file will be saved as:

%WinDir%\xpnv.exe

The Trojan then launches this file for execution.

Use Task Manager to terminate the Trojan process:
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Delete the following file:
```
%WinDir%\xpnv.exe
```
Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus)

This Trojan downloads software via the Internet without the knowledge or consent of the user. The program itself is a Windows PE EXE file. The file is 24,576 bytes in size. It is written in Visual Basic.

Payload

previous:Trojan-Downloader.Win32.Tiny.abt
previous:Trojan-Downloader.Win32.VB.jl

Virus Source from:

New articles

Trojan.Win32.Oficla.dvThis Trojan downloads files from the Internet and launches them without the user’s knowledge or consent. It is a Windows PE EXE file. It is 35840 byte...Conficker.CIt exploits the vulnerability MS08-067 in the Windows Server Service in order to spread itself. It also spreads through shared and removable drives. It reduces ...Downloader.MDW It reduces the security level of the computer: it notifies the attacker that the computer has been compromised and is ready to be used maliciously; it chan...Trojan.Downloader.WMA.Wimad.ZThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( hxxp://missing-codecs.net ) which...Trojan.Downloader.WMA.Wimad.SThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( www.fastmp3player.com ) which mea...

Hot Articles

Trojan-Downloader.Win32.VB.bj

Computer Virus Clounds