Name: Visin
Path: C:\windows\system32\visin.exe
Production company: Microsoft Corporation
Behavior Description: New system Startup Items
Location: Hkey Local Machine\software\microsoft\windows\currentversion\policies\explorer\run
Registry: Hkey Local Machine\software\microsoft\windows\currentversion\policies\explorer\run
A "Visin" appears, please cancel the startup first, (step: Start-run-enter "msconfig"-boot-Remove the "Visin" item) and then reboot, use WinRAR to find Visin.exe and then extract the file to check here
Solution:
Confirmed to have virus (partial kill soft report poison, see below form):
Code:
a-squared Found Nothing
AntiVir Found Tr/crypt.fkm.gen
ArcaVir Found Trojan.Downloader.Small.Czl
Avast Found WIN32:SMALL-EKC
AVG Antivirus Found Nothing
BitDefender Found Trojan.PWS.Lmir.AII
ClamAV Found Nothing
Dr.Web Found Backdoor.twin
F-prot Antivirus Found Possibly a new variant of w32/threat-sysvenfakn-based! Maximus
F-secure Anti-Virus Found Trojan-downloader.win32.small.czl
Fortinet Found Nothing
Kaspersky Anti-Virus Found Trojan-downloader.win32.small.czl
NOD32 Found probably unknown newheur_pe (probable variant)
Norman Virus Control Found Nothing
Panda Antivirus Found Nothing
Rising Antivirus Found Nothing
VirusBuster Found Packed/nspack
VBA32 Found Backdoor.twin
Take this action:
Recommended use of Xdelbox use instructions: Copy all the path to delete files when deleted, in the list of files to be deleted click the right button to select from the Clipboard import, after import in the delete file on the right click, choose to restart immediately delete, the computer will restart into the DOS interface for deletion. It is best to uninstall all Removable storage media (including U disk, MP3, mobile memory card, etc.) before running Xdelbox. Select Backup, check "suppress file regeneration":
Virus path Fill: c:\windows\system32\visin.exe
Delete the following startup items: (using the Sreng operation, you can download to down.45it.com)
[Visin] <C:\WINDOWS\system32\visin.exe>
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
