Learn more about this threat
Link 1
Link 2

Alternative names

• MSIEINST[1].EXE MSIEINST [1]. EXE
• MSASCUI.EXE MSASCui.exe
• BPXA.EXE BPXA.EXE
• UNKL.EXE UNKL.EXE
• UBGA.EXE UBGA.EXE
• VSOX.EXE VSOX.EXE
• BIFE.EXE BIFE.EXE
• NBSS.EXE NBSS.EXE
• DLJG.EXE DLJG.EXE
• VAXN.EXE VAXN.EXE
• E.EXE E. EXE
• 28700CC8.EXE 28700CC8.EXE

On hijackthis report

Running processes:

C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\xxxxxxxxxxxAppData\Local\av.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\xxxxxxx\Downloads\HiJackThis.exe

Removal

• usbfix
• AD-Remover
• Malwarbyte

Usbfix

Download here

Connect your external data sources to your PC (USB, external hard drive ……) likely to have been infected without opening

• (1) Double click (right click “run as administrator” for Vista / 7) on UsbFix shortcut on your desktop.
• (2) Select the option 2 (Remove)
• Your desktop will disappear and the pc will restart.
• Upon restart, UsbFix scan your PC, let the tool work.
• Note: The report is saved in UsbFix.txt: (C:\UsbFix.txt)

Ad-Remover

Download here

• Disconnect internet connection and close all running applications and disable your antivirus.
• Double click (right click “run as administrator” for Vista / 7) on the executable to launch.
• For the warning message that appears, select ‘Yes’.
• In the main menu choose option “L” and then press Enter.Post the report appears at the end of the analysis on the forum.

(The report is also saved under C:\Ad-report(date).Log)

Malwarebytes

MalwareByte’s Anti-Malware

• Download MalwareByte’s Anti-Malware
• Link :MalwareByte’s Anti-Malware
• Install the program,
• Make updates (click Updates then Search for updates)
• Start in Safe Mode:
• Restart the computer,
• Upon loading the BIOS , start pressing the F8 key on the keyboard until the Windows advanced option menu appears
• Select “Safe Mode” In the menu, then press Enter.
• Launch MalwareByte’s Anti-Malware, click “Run a full review” and then select Search all disks,
• Once the scan is complete, click “Remove” (if you are asked to reboot the PC, accept)
• A report will be generated, save it to make a personal analysis or post the report on a forum.

»  125 Useful Windows Keyboard Shortcuts
»  How to hide folders without using any softwares and not by selecting hidden
»  How to view hidden files
»  How to remove autorun.inf virus
»  Changing the targets of (My documents and its contents)

Article by Chaitanya Yanamadala

chaitu has written 38 useful articles :)

Posted in Computer Tips

Tags:Virus