Rootkit.Win32.Agent.bdvg rootkit
Threat Name: Rootkit.Win32.Agent.bdvg rootkit
Spread Method:
External Storage Device (USB Device etc.)
Threat type:Rootkit.Win32
Rootkit.Win32.Agent.bdvg rootkit first detected:2010-03-25
Virus file known is PE EXE file written in Basic
File Size:380K Bytes.
Behavior:places the file shown below in the root of the disk:
Level of Spread:1
Level of Threat:2
Reported Path:
%ProgramFiles%\MSDN\One.sys
%ProgramFiles%\MSDN\One.inf
MD5:rBqQ82moDVCmj1Rk3rhbO8wyUNtvt7Jt
SHA1..:0i8rFPnplxk4k4A45s5jwH12vou10Dq0H320nx78
Alias:
Suspicious.IRCBot [Symantec]
Rootkit.Win32.Agent.bdvg [Kaspersky Lab]
Mal/EncPk-CK [Sophos]
TrojanDownloader:Win32/Dogrobot.D [Microsoft]
Report Countries:
Portugal
Iceland
United States
Poland
Japan
Russian
Rootkit.Win32.Agent.bdvg rootkit Removal instructions:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ONE\0000]
ClassGUID = “{9B2E08D6-619B-45F3-9521-0A3FC09FB474}”
HardwareID = “*OneDevice”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\ONE\0000]
ClassGUID = “{9B2E08D6-619B-45F3-9521-0A3FC09FB474}”
HardwareID = “*OneDevice”
How to remove Rootkit.Win32.Agent.bdvg rootkit :
1.Delete Rootkit.Win32.Agent.bdvg rootkit file ,Restart your computer to safe mode and run a whole scan of your PC.
Need help? Post you problem on Free Malware Remove Help forum
Rootkit.Win32.Agent.bdvg rootkit Summary
1.Temporarily Disable System Restore;2.Reboot computer in SafeMode;3.delte Rootkit.Win32.Agent.bdvg rootkit virus files and kill Rootkit.Win32.Agent.bdvg rootkit file task process(if have);4.Delete/Modify any values added to the registry by Rootkit.Win32.Agent.bdvg rootkit ;5.delete IE temp files,restart the computer and run a whole scan with Kaspersky, Microsoft, Sophos. Rootkit.Win32.Agent.bdvg rootkit virus files as following: