msvbdll32.exe - Dangerous
%program files%\sony\vaio action setup\msvbdll32.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
MsVBdll spreads via e0mail and AOL Instant Messenger.
Adds the value:
"MsVBdll" = "%Windir%\MsVBdll.pif"
to the Windows startup registry keys.
Adds the registry entries:
"FirewallDisableNotify" = "1"
"UpdatesDisableNotify" = "1"
"AntiVirusDisableNotify" = "1"
to the following registry keys
HKEY_CURRENT_USER\Software\Microsoft\security center
HKEY_LOCAL_MACHINE\Software\Microsoft\security center
to lower computer security.
MsVBdll adds:
"DisableTaskMgr" = "1"
"DisableRegistryTools" = "1"
to the registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Policies\System
to disable access to the Windows Task Manager and registry editing tools.
MsVBdll adds the registry entry:
"NoAutoUpdate" = "1"
to the registry key
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU
to disable Windows Update.
MsVBdll deletes the following registry key if present:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\
CurrentVersion\Run\"Windows" = "Auto Update.exe"
MsVBdll tries to copy itself to:
A:\homework.exe
Kills the system processes:
* svchost.exe
* lsass.exe
It will break network connections.