Exterminate It! Antimalware

malpedia

Known threats:614,221 Last Update:January 18, 15:40

Testimonials

exterminate it remove the agent.nbo files without restart. i let it scan again, nothing found! great job!

now i surf since 5 minutes, no popups, it looks like the problem is solved!

big thanks to you and your team, you are the only company that give me response and realy help to remove this bad worm/malware!

i will place now links to our network to your homepage and email my friends and business partners that they know that there is a realy good company with a great tool and good programmers.

thanks.

regards,

m. s.

File: OEgetPrivileges.vbs

Location of OEgetPrivileges.vbs and Associated Malware

Check whether OEgetPrivileges.vbs is present in the following locations:

Windows 2000, Windows XP, Windows Server 2003 specific OEgetPrivileges.vbs file locations:

  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\OEgetPrivileges.vbs

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific OEgetPrivileges.vbs file locations:

  • C:\Users\USER_NAME\AppData\Local\Temp\OEgetPrivileges.vbs

If you find OEgetPrivileges.vbs file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The OEgetPrivileges.vbs file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of OEgetPrivileges.vbs File^

File SizeFile Md5Last Seen
192522EEE2273D47B4BBB1A3C96386F600AJan 23, 2016
123EEF5B96A7507F23BE218FD17D0090A31Feb 2, 2016
17422D5DAE2CF05DCC2611B5961DC1C7A2FFeb 6, 2016
145326FABDFADC40DF7BBA56E7CDB400CEDFeb 9, 2016
15110DBBEE38BB1F4B8B738CC7ED3E4BDB9Feb 13, 2016
159839AB41BF89C077867FF74480EC4BD6BFeb 20, 2016
1497E0D12E4FF8705F69D40FEE636D8B567Mar 2, 2016
138B24115CC8D7B997425CB942F1F2B8330Mar 18, 2016
13695B94F06FDED44E5D6B734FABC2B59CBApr 9, 2016
1429B3B54033D6907D68CE02FE6100003A6Apr 21, 2016
18024543216B4E922ADC4F422BF17B6980DApr 26, 2016
152BA5319613A7C562660B1EBB1C6286957May 21, 2016
146A9F7EC13B2EEE18A3AC69F8B83CC4928May 23, 2016
144F847CAB8D92EDA003BC93C9B65D5343DMay 25, 2016
2038353E511BC17C89DEBE431EFBA196F22May 29, 2016
101237D682F42E2C9951A7548244655A08CJul 4, 2016
143E5778C08FE30A9CA8AA3B67FBBFAB4A9Jul 6, 2016
131AD0D214D8E2873994DDBA0FC5DA9981BJul 17, 2016
1543D105197A11A4B53E0030A4B0149BBA7Aug 2, 2016
13277215A9F46908D5E51A7A6C24CECD64FAug 31, 2016
142DE8DB17CF2A7CDC5DEC0789D827B502BSep 10, 2016
166DA50D1E41198752CF3A80834C157C65COct 14, 2016
1420FC8F09E1BF220E641CBF059BB4AA757Oct 31, 2016
157CB55DCCF09560BB5C9811BF05040984DNov 4, 2016
1854F1079AC35F883D4B12572BBF37C4B0BDec 3, 2016
17810E239FECB3BC3673018709813ED05B1Dec 5, 2016
1380B780EC14A4EF09BBBDB1B2B1BD91B8DDec 12, 2016
1439AE768DF7EEA11BF324255738319F814Jan 11, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove OEgetPrivileges.vbs^

  1. To enable deleting the OEgetPrivileges.vbs file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select OEgetPrivileges.vbs and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of OEgetPrivileges.vbs and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of OEgetPrivileges.vbs and Associated Malware.
  6. Notes:

    • The deletion of OEgetPrivileges.vbs will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of OEgetPrivileges.vbs will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a OEgetPrivileges.vbs malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type OEgetPrivileges.vbs. The name of the first found registry value referencing OEgetPrivileges.vbs is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to OEgetPrivileges.vbs, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of OEgetPrivileges.vbs and Associated Malware.