New
#1
HELP! *Urgent* A Trojan.VBAgent Virus
I Don't know how to remove this Virus .
But Please help me remove this virus .. I have alot of imporant files in my computer please!
I Don't know how to remove this Virus .
But Please help me remove this virus .. I have alot of imporant files in my computer please!
Well, I'm no security expert but I suggest you to use your preferred Anti Virus application to scan your system. Once done, run 3 full scans of Malwarebytes Anti-Malware Free Download - Scan For Viruses Make sure to restart after each scan. Let's wait for the security experts to join in and give the more accurate suggestions.
I Don't know how to remove this Virus .
But Please help me remove this virus .. I have alot of imporant files in my computer please!
I already use Malwarebytes .. When it detects a trojan in a folder .. the whole folder will be deleted.
For example C:/Windows/Program Files/Trojan.VBAgent (QUARANTINED) ..
It delete all Window folder.
Need Help
and what is this?
and what is this?
Win32:VBCrypt-BFB [Trj]
RogueKiller for 32bit <==== Download Link
RogueKiller for 64bit <==== Download Link
Click on one of the links above that goes with your Windows 7 bit versions
Save to the Desktop.
Close all windows and browsers
Right click on and choose
Press: SCAN
provide the RKreport.txt (Mode: Scan) in your reply.
Thank you ..!
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Prince [Admin rights]
Mode : Scan -- Date : 07/21/2013 08:50:24
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] eGdpSvc.exe -- C:\ProgramData\eSafe\eGdpSvc.exe [7] -> KILLED [TermProc]
¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][ROGUE ST] HKCU\[...]\Run : (C:\Windows\820681872.exe [-]) -> FOUND
[RUN][ROGUE ST] HKUS\S-1-5-21-4197590477-4063348244-817859574-1001\[...]\Run : (C:\Windows\820681872.exe [-]) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD800BD-08MRA1 ATA Device +++++
--- User ---
[MBR] d977b8415fdf2ca8f7181a57f9f6f226
[BSP] f86c0c7ebe73b1311a45b7a2a0691511 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 35000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 71682030 | Size: 41315 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_07212013_085024.txt >>
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
Malwarebytes : Free anti-malware download
Database version: v2013.07.21.06
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Prince :: CZECH [administrator]
Protection: Disabled
7/21/2013 8:53:36 AM
MBAM-log-2013-07-21 (08-55-25).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 31122
Time elapsed: 1 minute(s), 42 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKCR\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} (PUP.DealPly) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} (PUP.DealPly) -> No action taken.
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run| (Trojn.VBAgent) -> Data: C:\Windows\820681872.exe -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 17
C:\Windows\820681872.exe (Trojn.VBAgent) -> No action taken.
C:\Program Files\DealPly\DealPlyIE.dll (PUP.DealPly) -> No action taken.
C:\*$Recycle.Bin.exe (Trojn.VBAgent) -> No action taken.
C:\*Avenger.exe (Trojn.VBAgent) -> No action taken.
C:\*Boot.exe (Trojn.VBAgent) -> No action taken.
C:\*CherryDeGames.exe (Trojn.VBAgent) -> No action taken.
C:\*Config.Msi.exe (Trojn.VBAgent) -> No action taken.
C:\*Documents and Settings.exe (Trojn.VBAgent) -> No action taken.
C:\*GarenaDownload.exe (Trojn.VBAgent) -> No action taken.
C:\*NVIDIA.exe (Trojn.VBAgent) -> No action taken.
C:\*PerfLogs.exe (Trojn.VBAgent) -> No action taken.
C:\*Program Files.exe (Trojn.VBAgent) -> No action taken.
C:\*ProgramData.exe (Trojn.VBAgent) -> No action taken.
C:\*Recovery.exe (Trojn.VBAgent) -> No action taken.
C:\*Users.exe (Trojn.VBAgent) -> No action taken.
C:\*Windows.exe (Trojn.VBAgent) -> No action taken.
C:\Kzzvxhikhwc.exe (Trojn.VBAgent) -> No action taken.
(end)