BKDR_VBOT.A
BKDR_VBOT.A is a malicious Backdoor virus which enters the system after the computer user visits a malicious website. BKDR_VBOT.A uses a vulnerability in Adobe Acrobat and Adobe Reader to drop and execute malicious files. BKDR_VBOT.A poses a serious threat to PC security and should be removed once detected.
File System Details
BKDR_VBOT.A may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Program Files%\Windows Defender\MPSvc.exe | |
| 2. | %system%\Setup\MPClient.exe | |
| 3. | %Program Files%\Windows Defender\MPClient.exe | |
| 4. | %Program Files%\Windows NT\Windows Update\zf32.dll | |
| 5. | %system%\Setup\zf32.dll | |
| 6. | %Program Files%\Adobe\zf32.dll | |
| 7. | %Program Files%\Windows NT\Windows Update\wuauclt.exe | |
| 8. | %system%\Setup\MPSvc.exe | |
| 9. | %system%\Setup\jucheck.exe - detected by Trend Micro as BKDR_VBBOT.AP | |
| 10. | %system%\Setup\AdobeUpdateManager.exe - detected by Trend Micro as TROJ_VB.ZAA | |
| 11. | %system%\Setup\wuauclt.exe - detected by Trend Micro as BKDR_VBBOT.AM | |
| 12. | %Program Files%\Adobe\AdobeUpdateManager.exe - detected by Trend Micro as TROJ_VB.ZAA | |
| 13. | %system%\Setup\OSA.exe - also detected as BKDR_VBOT.A |
Registry Details
BKDR_VBOT.A may create the following registry entry or registry entries:
Microsoft Office quick launch = "%Program Files%\Microsoft Office\OFFICE11\OSA.exe"
Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
