VirusRescue Trojan

Virus description: VirusRescue
Category:Trojan,Ransomware

VirusRescue Detection :

Files:
[%DESKTOP%]\Install WinAntiVirus Pro 2006 .lnk
[%DESKTOP%]\VirusRescue v3.0.1.lnk
[%PROFILE_TEMP%]\temp.fr????\vrExt.dll
[%PROGRAM_FILES%]\VirusRanger\pl.dll
[%PROGRAM_FILES%]\VirusRescue\kernel40.dll
[%PROGRAM_FILES%]\VirusRescue\pl.dll
[%PROGRAM_FILES%]\VirusRescue\vrext.dll
[%PROGRAM_FILES%]\VirusRescue\vrsvc.exe
[%STARTMENU%]\VirusRescue v3.0.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.3.lnk
[%DESKTOP%]\VirusRescue v3.0.2.lnk
[%DESKTOP%]\VirusRescue v3.0.3.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1 Un-Installer.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1 Website.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2 Un-Installer.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2 Website.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2.lnk
[%PROGRAM_FILES%]\VirusRescue\asc4.dll
[%PROGRAM_FILES%]\VirusRescue\backdoor.avb
[%PROGRAM_FILES%]\VirusRescue\base.dat
[%PROGRAM_FILES%]\VirusRescue\ca.avb
[%PROGRAM_FILES%]\VirusRescue\config.ini
[%PROGRAM_FILES%]\VirusRescue\daily.avb
[%PROGRAM_FILES%]\VirusRescue\kernel4.avb
[%PROGRAM_FILES%]\VirusRescue\malware.avb
[%PROGRAM_FILES%]\VirusRescue\OE.api
[%PROGRAM_FILES%]\VirusRescue\OE4.api
[%PROGRAM_FILES%]\VirusRescue\sdebug.log
[%PROGRAM_FILES%]\VirusRescue\stop.set
[%PROGRAM_FILES%]\VirusRescue\stopapi4.dll
[%PROGRAM_FILES%]\VirusRescue\TheBAT.api
[%PROGRAM_FILES%]\VirusRescue\tips.txt
[%PROGRAM_FILES%]\VirusRescue\trojan.avb
[%PROGRAM_FILES%]\VirusRescue\UnACE.api
[%PROGRAM_FILES%]\VirusRescue\UnARJ.api
[%PROGRAM_FILES%]\VirusRescue\uninst.exe
[%PROGRAM_FILES%]\VirusRescue\UnMSCAB.api
[%PROGRAM_FILES%]\VirusRescue\unrar.api
[%PROGRAM_FILES%]\VirusRescue\unzip.api
[%PROGRAM_FILES%]\VirusRescue\updater.plb
[%PROGRAM_FILES%]\VirusRescue\virusdos.avb
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.exe
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.tlb
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.url
[%PROGRAM_FILES%]\VirusRescue\virusw32.avb
[%PROGRAM_FILES%]\VirusRescue\weekly.avb
[%STARTMENU%]\VirusRescue v3.0.2.lnk
[%STARTMENU%]\VirusRescue v3.0.3.lnk
[%DESKTOP%]\Install WinAntiVirus Pro 2006 .lnk
[%DESKTOP%]\VirusRescue v3.0.1.lnk
[%DESKTOP%]\Install WinAntiVirus Pro 2006 .lnk
[%DESKTOP%]\VirusRescue v3.0.1.lnk
[%PROFILE_TEMP%]\temp.fr????\vrExt.dll
[%PROGRAM_FILES%]\VirusRanger\pl.dll
[%PROGRAM_FILES%]\VirusRescue\kernel40.dll
[%PROGRAM_FILES%]\VirusRescue\pl.dll
[%PROGRAM_FILES%]\VirusRescue\vrext.dll
[%PROGRAM_FILES%]\VirusRescue\vrsvc.exe
[%STARTMENU%]\VirusRescue v3.0.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.3.lnk
[%DESKTOP%]\VirusRescue v3.0.2.lnk
[%DESKTOP%]\VirusRescue v3.0.3.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1 Un-Installer.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1 Website.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.1.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2 Un-Installer.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2 Website.lnk
[%PROGRAMS%]\VirusRescue\VirusRescue v3.0.2.lnk
[%PROGRAM_FILES%]\VirusRescue\asc4.dll
[%PROGRAM_FILES%]\VirusRescue\backdoor.avb
[%PROGRAM_FILES%]\VirusRescue\base.dat
[%PROGRAM_FILES%]\VirusRescue\ca.avb
[%PROGRAM_FILES%]\VirusRescue\config.ini
[%PROGRAM_FILES%]\VirusRescue\daily.avb
[%PROGRAM_FILES%]\VirusRescue\kernel4.avb
[%PROGRAM_FILES%]\VirusRescue\malware.avb
[%PROGRAM_FILES%]\VirusRescue\OE.api
[%PROGRAM_FILES%]\VirusRescue\OE4.api
[%PROGRAM_FILES%]\VirusRescue\sdebug.log
[%PROGRAM_FILES%]\VirusRescue\stop.set
[%PROGRAM_FILES%]\VirusRescue\stopapi4.dll
[%PROGRAM_FILES%]\VirusRescue\TheBAT.api
[%PROGRAM_FILES%]\VirusRescue\tips.txt
[%PROGRAM_FILES%]\VirusRescue\trojan.avb
[%PROGRAM_FILES%]\VirusRescue\UnACE.api
[%PROGRAM_FILES%]\VirusRescue\UnARJ.api
[%PROGRAM_FILES%]\VirusRescue\uninst.exe
[%PROGRAM_FILES%]\VirusRescue\UnMSCAB.api
[%PROGRAM_FILES%]\VirusRescue\unrar.api
[%PROGRAM_FILES%]\VirusRescue\unzip.api
[%PROGRAM_FILES%]\VirusRescue\updater.plb
[%PROGRAM_FILES%]\VirusRescue\virusdos.avb
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.exe
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.tlb
[%PROGRAM_FILES%]\VirusRescue\VirusRescue.url
[%PROGRAM_FILES%]\VirusRescue\virusw32.avb
[%PROGRAM_FILES%]\VirusRescue\weekly.avb
[%STARTMENU%]\VirusRescue v3.0.2.lnk
[%STARTMENU%]\VirusRescue v3.0.3.lnk
[%DESKTOP%]\Install WinAntiVirus Pro 2006 .lnk
[%DESKTOP%]\VirusRescue v3.0.1.lnk

Folders:
[%DESKTOP%]\VirusRescue
[%PROGRAMS%]\VirusRescue
[%PROGRAM_FILES%]\VirusRescue
[%PROGRAM_FILES%]\VirusRescue\.
[%PROGRAM_FILES%]\VirusRescue\..
[%PROGRAM_FILES%]\VirusRescue\Languages
[%PROGRAM_FILES%]\VirusRescue\Logs
[%DESKTOP%]\VirusRescue

Registry Keys:
HKEY_CLASSES_ROOT\appid\vrext.dll
HKEY_CLASSES_ROOT\appid\{53a8703f-53bf-4c44-8daf-fa254a1e1b8c}
HKEY_CLASSES_ROOT\clsid\{598ca4d5-6870-47f0-b513-e3efba809b22}
HKEY_CLASSES_ROOT\clsid\{753d7ded-2454-44a3-959d-dc3700fc6b6e}
HKEY_CLASSES_ROOT\clsid\{cf79dab6-0afe-4678-856d-44574d91915c}
HKEY_CLASSES_ROOT\interface\{598ca4d5-6870-47f0-b513-e3efba809b22}
HKEY_CLASSES_ROOT\typelib\{2e88f662-2027-421d-9874-f3dbc2207bab}
HKEY_CLASSES_ROOT\typelib\{c7df0578-d732-4bfb-a65b-89c1ccea01cc}
HKEY_CLASSES_ROOT\vrext.vrshlext
HKEY_CLASSES_ROOT\vrext.vrshlext.1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\virusrescue.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\virusrescue
HKEY_LOCAL_MACHINE\software\virusrescue
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\vrsvc
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\VRShlExt
HKEY_CLASSES_ROOT\AppID\{CF79DAB6-0AFE-4678-856D-44574D91915C}
HKEY_CLASSES_ROOT\CLSID\{F80DB5A5-A885-7370-4983-841F62A80AF2}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\VRShlExt
HKEY_CLASSES_ROOT\Interface\{679B00B5-0783-4DE4-A478-7227FDD50825}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VRSVC

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache, [%DESKTOPDIRECTORY%]\winantiviruspro2006freeinstall.exe=winsoftware
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing VirusRescue:

you can run trial version of ExterminateIt, or remove VirusRescue manually..

ExterminateIt effectively and automatically removes Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware) from you computer.

Download ExterminateIt! to instantly get rid of VirusRescue!

Also Be Aware of the Following Threats:
Win.Oeminfer Trojan Removal instruction