3
Contributors
6
Replies
7
Views
7 Years
Discussion Span
Last Post by okok1212
0

Make sure to use Internet Explorer for this

Please go to VirSCAN.org FREE on-line scan service

Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
c:\windows\system32\userinit.exe


Click on the Upload button

If a pop-up appears saying the file has been scanned already, please select the ReScan button.

Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.

Paste the contents of the Clipboard in your next reply.

Also scan these,
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe

Edited by crunchie: n/a

0

VirSCAN.org Scanned Report :
Scanned time : 2010/11/04 09:23:42 (CST)
Scanner results: 86% Scanner(s) (31/36) found malware!
File Name : miudaa.exe
File Size : 138240 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : da8ecf5723a0d8a065a2a5d3c5b44306
SHA1 : 791b6a75645f98f618fedbcbc35b2e7967754fc0
Online report : http://virscan.org/report/3186c9629c2261357b506eb4cf006fa2.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.0.0.20 20101104031814 2010-11-04 5.43 Worm.Win32.Vobfus!IK
AhnLab V3 2010.11.04.00 2010.11.04 2010-11-04 2.53 Win32/Vbna.worm.162048.C
AntiVir 8.2.4.92 7.10.13.114 2010-11-03 0.27 TR/Dldr.VB.wps
Antiy 2.0.18 20101104.5527644 2010-11-04 0.02 -
Arcavir 2010 201011040829 2010-11-04 0.07 Worm.vbna.alpv
Authentium 5.1.1 201011031607 2010-11-03 1.59 -
AVAST! 4.7.4 101103-2 2010-11-03 0.01 Win32:VB-PTW [Wrm]
AVG 8.5.850 271.1.1/3235 2010-11-03 0.24 Worm/VB.12.AF
BitDefender 7.90123.6276756 7.34535 2010-11-04 4.79 Trojan.Downloader.VB.WPO
ClamAV 0.96.3 12199 2010-11-03 0.01 Worm.VB-1761
Comodo 4.0 6608 2010-11-03 0.89 Worm.Win32.Agent.vb
CP Secure 1.3.0.5 2010.11.04 2010-11-04 0.06 W32.Email.W.VB.au
Dr.Web 5.0.2.3300 2010.11.04 2010-11-04 9.56 Trojan.MulDrop1.40418
F-Prot 4.4.4.56 20101103 2010-11-03 1.56 -
F-Secure 7.02.73807 2010.11.03.07 2010-11-03 0.08 Worm:W32/Vobfus.CY [FSE]
Fortinet 4.2.249 12.526 2010-11-03 0.35 W32/VBNA.D!tr
GData 21.1045/21.449 20101103 2010-11-03 7.43 Worm.Win32.VBNA.alpv [Engine:A]
ViRobot 20101103 2010.11.03 2010-11-03 0.41 Worm.Win32.VBNA.138240
Ikarus T3.1.32.15.0 2010.11.03.77079 2010-11-03 4.92 Worm.Win32.Vobfus
JiangMin 13.0.900 2010.11.03 2010-11-03 1.39 Worm/VBNA.wup
Kaspersky 5.5.10 2010.11.03 2010-11-03 0.08 Worm.Win32.VBNA.alpv
KingSoft 2009.2.5.15 2010.11.3.18 2010-11-03 0.71 Worm.VBNA.138240
McAfee 5400.1158 6156 2010-11-03 18.74 Downloader-CJX.gen.g
Microsoft 1.6301 2010.11.04 2010-11-04 3.98 Worm:Win32/Vobfus.Y
Norman 6.06.10 6.06.00 2010-11-03 4.01 W32/VBNA.BS
Panda 9.05.01 2010.11.03 2010-11-03 2.11 W32/VobfusLNK.A
Trend Micro 9.120-1004 7.592.03 2010-11-03 0.02 WORM_VBNA.SMR
Quick Heal 11.00 2010.11.03 2010-11-03 2.02 Worm.VBNA.gen
Rising 20.0 22.72.01.04 2010-11-02 1.83 -
Sophos 3.13.1 4.59 2010-11-04 2.73 Mal/SillyFDC-D
Sunbelt 3.9.2457.2 7210 2010-11-03 20.69 Worm.Win32.VBNA.akzw (v)
Symantec 1.3.0.24 20101103.002 2010-11-03 0.19 W32.Changeup
nProtect 20101103.01 9114792 2010-11-03 11.76 Trojan-Downloader/W32.Agent.138240.AD
The Hacker 6.7.0.1 v00076 2010-11-03 0.69 W32/VBNA.alpv
VBA32 3.12.14.1 20101103.1041 2010-11-03 3.91 Worm.VBNA.alpv
VirusBuster 4.5.11.10 10.130.9/1952976 2010-11-04 2.42 -

0

VirSCAN.org Scanned Report :
Scanned time : 2010/11/04 09:23:42 (CST)
Scanner results: 86% Scanner(s) (31/36) found malware!
File Name : miudaa.exe
File Size : 138240 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : da8ecf5723a0d8a065a2a5d3c5b44306
SHA1 : 791b6a75645f98f618fedbcbc35b2e7967754fc0
Online report : http://virscan.org/report/3186c9629c2261357b506eb4cf006fa2.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.0.0.20 20101104031814 2010-11-04 5.43 Worm.Win32.Vobfus!IK
AhnLab V3 2010.11.04.00 2010.11.04 2010-11-04 2.53 Win32/Vbna.worm.162048.C
AntiVir 8.2.4.92 7.10.13.114 2010-11-03 0.27 TR/Dldr.VB.wps
Antiy 2.0.18 20101104.5527644 2010-11-04 0.02 -
Arcavir 2010 201011040829 2010-11-04 0.07 Worm.vbna.alpv
Authentium 5.1.1 201011031607 2010-11-03 1.59 -
AVAST! 4.7.4 101103-2 2010-11-03 0.01 Win32:VB-PTW [Wrm]
AVG 8.5.850 271.1.1/3235 2010-11-03 0.24 Worm/VB.12.AF
BitDefender 7.90123.6276756 7.34535 2010-11-04 4.79 Trojan.Downloader.VB.WPO
ClamAV 0.96.3 12199 2010-11-03 0.01 Worm.VB-1761
Comodo 4.0 6608 2010-11-03 0.89 Worm.Win32.Agent.vb
CP Secure 1.3.0.5 2010.11.04 2010-11-04 0.06 W32.Email.W.VB.au
Dr.Web 5.0.2.3300 2010.11.04 2010-11-04 9.56 Trojan.MulDrop1.40418
F-Prot 4.4.4.56 20101103 2010-11-03 1.56 -
F-Secure 7.02.73807 2010.11.03.07 2010-11-03 0.08 Worm:W32/Vobfus.CY [FSE]
Fortinet 4.2.249 12.526 2010-11-03 0.35 W32/VBNA.D!tr
GData 21.1045/21.449 20101103 2010-11-03 7.43 Worm.Win32.VBNA.alpv [Engine:A]
ViRobot 20101103 2010.11.03 2010-11-03 0.41 Worm.Win32.VBNA.138240
Ikarus T3.1.32.15.0 2010.11.03.77079 2010-11-03 4.92 Worm.Win32.Vobfus
JiangMin 13.0.900 2010.11.03 2010-11-03 1.39 Worm/VBNA.wup
Kaspersky 5.5.10 2010.11.03 2010-11-03 0.08 Worm.Win32.VBNA.alpv
KingSoft 2009.2.5.15 2010.11.3.18 2010-11-03 0.71 Worm.VBNA.138240
McAfee 5400.1158 6156 2010-11-03 18.74 Downloader-CJX.gen.g
Microsoft 1.6301 2010.11.04 2010-11-04 3.98 Worm:Win32/Vobfus.Y
Norman 6.06.10 6.06.00 2010-11-03 4.01 W32/VBNA.BS
Panda 9.05.01 2010.11.03 2010-11-03 2.11 W32/VobfusLNK.A
Trend Micro 9.120-1004 7.592.03 2010-11-03 0.02 WORM_VBNA.SMR
Quick Heal 11.00 2010.11.03 2010-11-03 2.02 Worm.VBNA.gen
Rising 20.0 22.72.01.04 2010-11-02 1.83 -
Sophos 3.13.1 4.59 2010-11-04 2.73 Mal/SillyFDC-D
Sunbelt 3.9.2457.2 7210 2010-11-03 20.69 Worm.Win32.VBNA.akzw (v)
Symantec 1.3.0.24 20101103.002 2010-11-03 0.19 W32.Changeup
nProtect 20101103.01 9114792 2010-11-03 11.76 Trojan-Downloader/W32.Agent.138240.AD
The Hacker 6.7.0.1 v00076 2010-11-03 0.69 W32/VBNA.alpv
VBA32 3.12.14.1 20101103.1041 2010-11-03 3.91 Worm.VBNA.alpv
VirusBuster 4.5.11.10 10.130.9/1952976 2010-11-04 2.42 -

And?

0

??
i'm using winnt sp4
i tried attrib -h -r -s /s /d h:\*.* via command prompt
(h is my drive)
but i got return msg "invalid switch - /d
please advise

thanks

-okok1212-

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.