Latest Virus



Trojan-Downloader.Win32.VB.iri created the following virus files %AppData%\Microsoft\2198
%AppData%\Microsoft\Desktop.ini
%AppData%\Microsoft\nuxa.exe
%UserProfile%\Applications Data\Desktop.ini
C:\Windows\System32 \CommandPrompt.Sysm
C:\Windows\System32 \Desktop.sysm
C:\Windows\System32 \Windows 3D.scr
C:\Windows\System32 \maxtrox.txt
The following files were modified:
[pathname with a string SHARE]\msinfo32.exe
[pathname with a string SHARE]\sapisvr.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\icwconn1.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\icwconn2.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\icwrmind.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\icwtutor.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\inetwiz.exe
C:\ProgramFiles\Internet Explorer\Connection Wizard\isignup.exe
C:\ProgramFiles\Internet Explorer\iedw.exe
C:\ProgramFiles\Internet Explorer\IEXPLORE.EXE
C:\ProgramFiles\MSN\MSNIA\msniasvc.exe
C:\ProgramFiles\MSN\MSNIA\prestp.exe
C:\ProgramFiles\MSN\MsnInstaller\msninst.exe
C:\ProgramFiles\NetMeeting\cb32.exe
C:\ProgramFiles\NetMeeting\conf.exe
C:\ProgramFiles\NetMeeting\wb32.exe
C:\ProgramFiles\Outlook Express\msimn.exe
C:\ProgramFiles\Outlook Express\oemig50.exe
C:\ProgramFiles\Outlook Express\setup50.exe
C:\ProgramFiles\Outlook Express\wab.exe
C:\ProgramFiles\Outlook Express\wabmig.exe
C:\ProgramFiles\Web Publish\WPWIZ.EXE
C:\ProgramFiles\Windows Media Player\migrate.exe
C:\ProgramFiles\Windows Media Player\mplayer2.exe
C:\ProgramFiles\Windows Media Player\setup_wm.exe
C:\ProgramFiles\Windows Media Player\wmplayer.exe
C:\ProgramFiles\Windows NT\Accessories\wordpad.exe
C:\ProgramFiles\Windows NT\dialer.exe
C:\ProgramFiles\Windows NT\hypertrm.exe
C:\ProgramFiles\Windows NT\Pinball\PINBALL.EXE
C:\ProgramFiles\WinPcap\Uninstall.exe
%Windir%\hh.exe
%Windir%\inf\unregmp2.exe
%Windir%\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
%Windir%\Microsoft.NET\Framework\NETFXSBS10.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\jsc.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
%Windir%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
%Windir%\msagent\agentsvr.exe
%Windir%\mui\muisetup.exe
%Windir%\NOTEPAD.EXE
%Windir%\pchealth\helpctr\binaries\HelpCtr.exe
%Windir%\pchealth\helpctr\binaries\HelpHost.exe
%Windir%\pchealth\helpctr\binaries\HelpSvc.exe
%Windir%\pchealth\helpctr\binaries\HscUpd.exe
%Windir%\pchealth\helpctr\binaries\msconfig.exe
%Windir%\pchealth\helpctr\binaries\notiflag.exe
%Windir%\pchealth\UploadLB\Binaries\UploadM.exe
%Windir%\regedit.exe
C:\Windows\System32 \accwiz.exe
C:\Windows\System32 \actmovie.exe
C:\Windows\System32 \ahui.exe
C:\Windows\System32 \arp.exe
C:\Windows\System32 \asr_fmt.exe
C:\Windows\System32 \asr_ldm.exe
C:\Windows\System32 \asr_pfu.exe
C:\Windows\System32 \at.exe
C:\Windows\System32 \atmadm.exe
C:\Windows\System32 \attrib.exe
C:\Windows\System32 \auditusr.exe
C:\Windows\System32 \blastcln.exe
C:\Windows\System32 \bootcfg.exe
C:\Windows\System32 \bootok.exe
C:\Windows\System32 \bootvrfy.exe
C:\Windows\System32 \cacls.exe
C:\Windows\System32 \calc.exe
C:\Windows\System32 \charmap.exe
C:\Windows\System32 \chkdsk.exe
C:\Windows\System32 \chkntfs.exe
C:\Windows\System32 \cidaemon.exe
C:\Windows\System32 \cipher.exe
C:\Windows\System32 \cisvc.exe
C:\Windows\System32 \ckcnv.exe
C:\Windows\System32 \cleanmgr.exe
C:\Windows\System32 \clean_all.exe
C:\Windows\System32 \cliconfg.exe
C:\Windows\System32 \clipbrd.exe
C:\Windows\System32 \clipsrv.exe
C:\Windows\System32 \cmd.exe
C:\Windows\System32 \cmdl32.exe
C:\Windows\System32 \cmmon32.exe
C:\Windows\System32 \cmstp.exe
C:\Windows\System32 \Com\comrepl.exe
C:\Windows\System32 \Com\comrereg.exe
C:\Windows\System32 \comp.exe
C:\Windows\System32 \compact.exe
C:\Windows\System32 \conime.exe
C:\Windows\System32 \control.exe
C:\Windows\System32 \convert.exe
C:\Windows\System32 \cscript.exe
C:\Windows\System32 \ctfmon.exe
C:\Windows\System32 \dcomcnfg.exe
Trojan-Downloader.Win32.VB.iri also Alias as following:
Win32.Virut.Gen.5 [PCTools]
W32.Azero.A [Symantec]
Trojan-Downloader.Win32.VB.iri [Kaspersky Lab]
W32/Azero.a [McAfee]
PE_AZERO.A [Trend Micro]
Virus:Win32/Azero.A [Microsoft]
Trojan-Downloader.Win32.VB.cse [Ikarus]

Tags: Trojan-Downloader.Win32.VB.iri

Need help? Post you problem on Free Malware Remove Help forum

Trojan-Downloader.Win32.VB.iri Summary

Virus Name:Trojan-Downloader.Win32.VB.iri

Detected By:F-Secure antivirus program

Virus Trojan-Downloader.Win32.VB.iri Detected times:238641times

Trojan-Downloader.Win32.VB.iri Overall Risk:Medium 738642

Trojan-Downloader.Win32.VB.iri file size:3686420 bytes

Trojan-Downloader.Win32.VB.iriwas first Detected by F-Secure on Sunday, December 7th, 2008 , 8:18 am,Trojan-Downloader.Win32.VB.iri is a new threats of Hacking,Malware,Spam,worm.

Remove Trojan-Downloader.Win32.VB.iri instruction:

1.Temporarily Disable System Restore;2.Reboot computer in SafeMode;3.delte Trojan-Downloader.Win32.VB.iri virus files and kill Trojan-Downloader.Win32.VB.iri file task process(if have);4.Delete/Modify any values added to the registry by Trojan-Downloader.Win32.VB.iri ;5.delete IE temp files,restart the computer and run a whole scan with F-Secure. Trojan-Downloader.Win32.VB.iri virus files as following: