Information about Trojan Virus File,Vcrt80.exe (Vcrt80)
Apr 21, 2009 Trojan and Worm Removal
Vcrt80.exe is a malicious file which produces activities on the users’ computers which may be highly unsafe.This file is normally bundled with files such as system32:vcrt80.exe and fxstaller.exe.
Type: Trojan Virus
Location: C:\WINDOWS\system32\vcrt80.exe
Risk Level: Medium
Manual Removal
Normally,Vcrt80.exe can be removed by analyzing your HijackThis log.
Details about Vcrt80.exe File
- File Type – EXE – Vcrt80.exe is a executable file
- First Identified – April 20 2009
Expecting your comments and suggestions
Tags: "c:windowssystem32vcrt80.exe", "system32:vcrt80" worm, 32:vcrt80 remove, 32:vcrt80.exe, ALL, Apr, April, c:windowssystem32: vcrt80.exe, C:WINDOWSsystem32:vcrt.exe, com, computer, ctfmon trojan remove 2009, D:WINDOWSsystem32:vcrt80.exe, Download, download vcrt80.exe, Erro: system32: vcrt80.exe, error, error de vcrt80.exe, error system32.vcrt80.exe, error system:vcrt80.exe, error vcrt80.exe, errore vcrt80.exe, errore in vcrt80.exe, exe type, executable file, Expecting, Files, fxstaller, help vcrt80, High, hijack, hijackthis, hijackthis log, how to remove c:windowssystem32:vcrt80.exe, how to remove system32 vcrt80.exe, how to remove system32:vcrt80.exe error, how to remove the system32 vcrt80.exe virus, how to remove vcrt80, how to remove vcrt80 error, how to remove vcrt80.exe, How to remove vcrt80.exe manually, Identified, Information, is vcrt80.exe a virus?, Level, Location, location c, Log, Malicious, malicious code in c:windowssystem32VCRT80.EXE, malware vcrt80, Man, Manual, manual removal, manually remove system32:vcrt80.exe, me sale error en vcrt80.exe, me sale error vcrt80.exe, medium, medium removal, prevx system32.vcrt, Removal, removal of vcrt80.exe, removal SYSTEM32:VCRT80.EXE, removal tool, removal tool for vcrt80.exe, Remove, remove vcrt80, remove vcrt80.exe, remove vcrt80.exe windows 2000, remover system32:vcrt80.exe, Risk, risk level, sistem32/vcrt80 manualmente, Suggestions, sysem32.vcrt80.exe, system, system32, system32 vcrt, system32 vcrt80, system32 vcrt80 removal, system32 vcrt80 remove, system32 vcrt80.exe has encountered, system32.vcrt.exe, system32.vcrt80.exe has encountered an error, System32: vcrt80.exe, system32:vcrt, system32:vcrt.exe, system32:vcrt.exe error, system32:vcrt.exe removal, system32:vcrt80, system32:vcrt80 error, System32:vcrt80 remove tool, system32:vcrt80.exe, system32:vcrt80.exe + how to remove, system32:vcrt80.exe ???, system32:vcrt80.exe Application error, SYSTEM32:VCRT80.EXE ERROR, system32:vcrt80.exe manual removal, system32:vcrt80.exe removal, system32:vcrt80.exe removal tool, system32:vcrt80.exe remove, system:vcrt80 Windows XP error, system:vcrt80.exe, sytem32:vcrt.exe, tool, Tool to remove System32:vcrt80, trojan, trojan virus, Type, Use, USER, users computers, vcrt, vcrt.exe, vcrt.exe removal, vcrt.exe virus, vcrt80, vcrt80 error, VCRT80 REMOVAL, vcrt80 removal tool, vcrt80 remove tool, vcrt80 removed no internet, vcrt80 virus, vcrt80.dll, vcrt80.exe, vcrt80.exe error, vcrt80.exe error windows xp, vcrt80.exe error winxp, vcrt80.exe file, vcrt80.exe how to remove, vcrt80.exe malwarebyte, vcrt80.exe removal, VCRT80.EXE removal tool, vcrt80.exe remover, vcrt80.exe tool, vcrt80.exe trendmicro, vcrt80.exe trojan, vcrt80.exe vacina, vcrt80.exe virus, vcrt80.exe virus -site:.es, vcrt80.exe virus removal, virus, virus system 32 : vcrt80, virus system32:vcrt80.exe manual removal, virus VCRT80.EXE, what is the use of vcrt80.exe, Win, Windows, windows system32 error vcrt.exe, windows xp startup remove tools system32:vcrt80.exe, windows/system32/vcrt80.exe, winxp system32:vcrt80.exe removal
April 21st, 2009 at 5:39 pm
My PC got infected with this virus on 18/04/2009.
This is the HijackThis Log file:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:57:32, on 20/04/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Archivos de programa\REALTEK Semiconductor Corp\REALTEK RTL8185 Wireless LAN Driver and Utility\RtlWake.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Archivos de programa\Prevx\prevx.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Archivos de programa\Prevx\prevx.exe
C:\explorer.exe
D:\Archivos de programa\Internet Explorer\iexplore.exe
D:\Documents and Settings\admin\Escritorio\HiJackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] “D:\Archivos de programa\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 – HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 – HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICIO LOCAL’)
O4 – HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘Servicio de red’)
O4 – HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 – Global Startup: Realtek Wireless LAN Utility.lnk = ?
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – D:\Archivos de programa\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – D:\Archivos de programa\Messenger\msmsgs.exe
O17 – HKLM\System\CCS\Services\Tcpip\..\{9D4618D3-60D8-4AF1-9AAB-F72B1DE9AD12}: NameServer = 192.168.2.100
O23 – Service: Ad-Aware 2007 Service (aawservice) – Lavasoft – D:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 – Service: CSIScanner – Prevx – D:\Archivos de programa\Prevx\prevx.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\system32\nvsvc32.exe
–
End of file – 3009 bytes
I´ve already re-installled Windows XP, and it still keeps appearing.
I hope you could help me. Thanks in advance.