Virus description:
Name: visin
Path: C:\windows\system32\
Produced by: Microsoft Corporation
Behavior description: Added system startup item
Location: HKEY lOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
Registration: HKEY lOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
Next, a "visin" appears. Please cancel the start of the item first. (Step: Start - Run - Enter "msconfig" - Start - Remove the item containing "visin") and then restart, use WINRAR to find and extract the file to detect it here.
Solution:
It is confirmed that there is a virus (some of the anti-software reports are shown in the table below):
Code:
A-Squared Found nothing
AntiVir Found TR/
ArcaVir Found
Avast Found Win32:Small-EKC
AVG Antivirus Found nothing
BitDefender Found
ClamAV Found nothing
Found
F-Prot Antivirus Found Possibly a new variant of W32/Threat-SysVenFakN-based!Maximus
F-Secure Anti-Virus Found *-Downloader.
Fortinet Found nothing
Kaspersky Anti-Virus Found *-Downloader.
NOD32 Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
VirusBuster Found Packed/NSPack
VBA32 Found
Please do this:
It is recommended to use XDelBox. Instructions for use: Copy all the paths to delete when deleting. Right-click in the list of files to be deleted and select Import from the clipboard. After importing, right-click on the file to be deleted and select Restart Delete immediately. The computer will restart and enter the DOS interface for deletion. It is best to uninstall all removable storage media (including USB drive, MP3, mobile phone memory card, etc.) before running xdelbox. Select Backup and check "Suppress File Regeneration":
Virus path: c:\windows\system32\
Delete the following startup project: (Use SREng operation to download it in down.)
[visin] <C:\WINDOWS\system32\>
Restart, the problem is solved.
Name: visin
Path: C:\windows\system32\
Produced by: Microsoft Corporation
Behavior description: Added system startup item
Location: HKEY lOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
Registration: HKEY lOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
Next, a "visin" appears. Please cancel the start of the item first. (Step: Start - Run - Enter "msconfig" - Start - Remove the item containing "visin") and then restart, use WINRAR to find and extract the file to detect it here.
Solution:
It is confirmed that there is a virus (some of the anti-software reports are shown in the table below):
Code:
A-Squared Found nothing
AntiVir Found TR/
ArcaVir Found
Avast Found Win32:Small-EKC
AVG Antivirus Found nothing
BitDefender Found
ClamAV Found nothing
Found
F-Prot Antivirus Found Possibly a new variant of W32/Threat-SysVenFakN-based!Maximus
F-Secure Anti-Virus Found *-Downloader.
Fortinet Found nothing
Kaspersky Anti-Virus Found *-Downloader.
NOD32 Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
VirusBuster Found Packed/NSPack
VBA32 Found
Please do this:
It is recommended to use XDelBox. Instructions for use: Copy all the paths to delete when deleting. Right-click in the list of files to be deleted and select Import from the clipboard. After importing, right-click on the file to be deleted and select Restart Delete immediately. The computer will restart and enter the DOS interface for deletion. It is best to uninstall all removable storage media (including USB drive, MP3, mobile phone memory card, etc.) before running xdelbox. Select Backup and check "Suppress File Regeneration":
Virus path: c:\windows\system32\
Delete the following startup project: (Use SREng operation to download it in down.)
[visin] <C:\WINDOWS\system32\>
Restart, the problem is solved.