VirTool:Win32/Vbcrypt.AD

VirTool:Win32/Vbcrypt.AD Description

VirTool:Win32/Vbcrypt.AD is a Trojan program that can install additional malware onto a PC, as well as destroy or modify certain registry files. VirTool:Win32/Vbcrypt.AD may spread through malicious drive-by downloads or web pages. VirTool:Win32/Vbcrypt.AD is a computer threat that should be removed with a reliable security program.

Aliases: Generic25.CJCV [AVG], W32/BDoor.CEP!tr.bdr [Fortinet], Trojan/Win32.ADH [AhnLab-V3], Trojan/Midgare.hjp, BDS/Bifrose.A.394 [AntiVir], Trojan.Generic.KDV.414944 (B), Trojan.Win32.A.Midgare.260726.A, Backdoor.Bifrose!xrrnonPYKCw, Trojan.Win32.Midgare.bbsz [Kaspersky], Trojan.Midgare-167 [ClamAV], TROJ_SPNR.15L411, Suspicious_Gen2.SOTQB, Trojan.Win32.Midgare.mbivp, Trojan.Midgare.bbsz [CAT-QuickHeal] and Trojan.Generic.KDV.414944.

Technical Information

File System Details

VirTool:Win32/Vbcrypt.AD creates the following file(s):
# File Name Size MD5 Detection Count
1 D:\Program Files\Adobe_Audition_1\Soft\SonicFoundry Sound Forge 6.0e\KEYGEN.EXE\KEYGEN.EXE 32,768 c78823c750512ab280b62ec17ee2173a 313
2 C:wuauclt.exe 135,168 2e2d0c602a60fba0ee1f3c68d2532237 76
3 %WINDIR%csrs.exe 115,775 a94dc5a0361bb54f4c40abf404441379 34
4 %USERPROFILE%winsrvcn.exe 48,640 f75a8c506ed70d465e15065146843385 4
5 %PROGRAMFILES%\Bifrost\server.exe 27,517 1bf5e02e439c6cf09c220d5710b46ad5 4
6 %APPDATA%csrss.exe 389,148 b6c30f087bb3cbc38c7abb3e2ca4eaf2 2
7 %USERPROFILE%\Local Settings\alvsvpd.exe 90,909 61e2355a9bc4d852c06571b51f084448 2
8 %APPDATA%camfrog.exe 39,389 c8b0f1482d5026134d4be7f3b906b21f 1
9 %APPDATA%system32.exe 2,582,165 e83b9b6a0f906ad6564afc890ea5c6bd 1
10 win23.exe 335,872 0ab35874ae5d12db56ba7df38159427c 0
11 file[1].exe 38,919 9b1b8011f18ac6b95c87cc5c115514e7 0
12 ffx.exe 143,872 905d88c67659fe04a35ec2c0f86c4ed0 0
13 winsystem.exe 100,063 4920b9bcc50cac48ce4cb3f4ce4c527e 0
14 svchost.exe 584,192 624f45f8ef3f192e8eb09a529fe0e3fe 0
15 spoolsv.exe 47,616 c665a55e56966c44171d9c8900fbb529 0
16 ccdrive32.exe 75,264 39f2c3805d88cf76c5d79c54c1e37349 0
17 rundll32.exe 61,440 8d08b75195561ed02caa6f0abb3b4fd8 0
18 msn.exe 237,568 2afb4ee104bc1d0be383845845a9b511 0
19 H2sfasH.exe 81,408 31eb4ff720d93075a2fcbb203c590ff2 0
20 Update.exe 1,152,784 9b8cfda3a3f06d22d1c3722ebddd8ba2 0
21 msvmcls64.exe 219,136 ae7fa2384864f34947ac24f45ca9e4bf 0
22 file.exe 370,688 d948009c57aa4ef2d0e1944b561c12ba 0
More files

Registry Details

VirTool:Win32/Vbcrypt.AD creates the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\cachemgr.exe
%SystemDrive%\Setup\CacheMgr.exe
%TEMP%\XX--XX--XX.txt

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.