Win32.Mebroot.J

By LoneStar in Trojans

Win32.Mebroot.J is a terrible Trojan which can download and install additional malware threats from the Internet. Win32.Mebroot.J can use a large amount of your system resources to trace your computer activities or display pop-up ads that may notably slow down the infected PC or make it crash randomly. Win32.Mebroot.J allows web attackers to obtain remote access to the compromised machine. Win32.Mebroot.J can gather and transmit your email address book to a predetermined email spammer stealthily without your consent or awareness. To safeguard your machine from harm, eliminate Win32.Mebroot.J as quickly as possible.

Table of Contents

SpyHunter Detects & Remove Win32.Mebroot.J

File System Details

Win32.Mebroot.J may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\Application Data\antispy.exe
Name: %UserProfile%\Application Data\antispy.exe Type: Executable File Group: Malware file
2.	setupapp7070010000.exe
Name: setupapp7070010000.exe Type: Executable File Group: Malware file
3.	%PROGRAM_FILES%\Win32.Mebroot.J \Win32.Mebroot.J
Name: %PROGRAM_FILES%\Win32.Mebroot.J \Win32.Mebroot.J Group: Malware file
4.	108275699.exe	fc2aa89be20043d92f334f6b94726c6e	0
Name: 108275699.exe MD5: fc2aa89be20043d92f334f6b94726c6e Size: 37.37 KB (37376 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 4, 2011
5.	84275699.exe	e29df7f7101e4a4d68c556ed81b10975	0
Name: 84275699.exe MD5: e29df7f7101e4a4d68c556ed81b10975 Size: 86.01 KB (86016 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 4, 2011
6.	18475699.exe	e7a9694e96465d878090c3f3c04c1db6	0
Name: 18475699.exe MD5: e7a9694e96465d878090c3f3c04c1db6 Size: 417.79 KB (417792 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 4, 2011
7.	99675699.exe	9ea5bd082bb2c7a163ca87ebf276be42	0
Name: 99675699.exe MD5: 9ea5bd082bb2c7a163ca87ebf276be42 Size: 56.32 KB (56320 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 4, 2011
8.	53675699.exe	341c326ffd596e77f3b350940f52a8b6	0
Name: 53675699.exe MD5: 341c326ffd596e77f3b350940f52a8b6 Size: 56.32 KB (56320 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 4, 2011

Registry Details

Win32.Mebroot.J may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments 'SaveZoneInformation' = '1'

HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 'tmp'

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run '[random string]'

HKEY_LOCAL_MACHINE\Software\ Win32.Mebroot.J

HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX.1

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 'Protection Center'v

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt

HKEY_CURRENT_USER\Software\Malware Defense

HKEY_CLASSES_ROOT\TypeLib\{3C2D2A1E-031F-4397-9614-87C932A848E0}

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Win32.Mebroot.J

SpyHunter Detects & Remove Win32.Mebroot.J

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen