cRPG

Off Topic => General Off Topic => Topic started by: Casul on November 29, 2015, 04:20:30 pm

Title: .vvv Trojan
Post by: Casul on November 29, 2015, 04:20:30 pm

Hi guys, I really need some IT help ;_;


My friends PC is infected by some vicious Trojan it seems.

All data files are converting into .vvv files, pictures, music, docx, basically everything. Google says it will download other malware stuff and take full control of his PC which didnt happen yet.

I have no idea how to remove it. They run all PC's on win10 if thats of importance. (home server)

Thanks for ideas/help.

Title: Re: .vvv Trojan
Post by: Soulreaver on November 29, 2015, 04:34:13 pm

kill the procces (cntrl shift del or cntrl alt del dont know if works for win10), remove from autorun, find the location> remove, check regedit, check scheduled task

run safe mode (f7 at start or f12 idk) use  https://www.freedrweb.com/download+cureit+free/?lng=en or something like that

Title: Re: .vvv Trojan
Post by: Rhekimos on November 29, 2015, 04:38:34 pm

1st, take it off the internet.

Consider if you really needed any of the files. If not, reinstall windows and be more conscious of security in the future.

If you you really need some of the files, you can try to investigate which trojan it was and if the files can be recovered. It's possible the maker of the trojan didn't really know what he was doing.
If it's a proper trojan, the files are encrypted and only buying the key might get his files back. If the criminal keeps his word.


Also if it didn't convert everything to .vvv files yet, he should not start Windows at all, but boot a Linux livecd and recover any undamaged files to a usb stick.

Title: Re: .vvv Trojan
Post by: Casul on November 29, 2015, 05:06:28 pm

kay, gonna try this ;_;  thanks

Title: Re: .vvv Trojan
Post by: Sir_Hans on November 29, 2015, 06:38:24 pm

http://extension.nirsoft.net/vvv
http://vvvapp.sourceforge.net/
http://sourceforge.net/projects/vvvapp/

Some information on .vvv files... Last link is a download to vvvapp which you can use to view the files, might help you recover data from anything that has been changed into .vvv file type.

I would check processes and apphistory in the task manager (ctrl-alt-del). Look for "Virtual Volumes View" or "VVVapp" or anything like that (would try this before downloading vvvapp to view your files...) Would also search computer for similar or the same stuff.
It might not be a virus, it's possible the computer owner might have begun cataloging his drives into .vvv unknowingly. 

Also I would definitely scan with a well received virus scanner... Unfortunately I couldn't find much about people sharing your exact problem.

hope that helps.  :wink: