Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm unable to use my programs properly...


  • Please log in to reply
7 replies to this topic

#1 Gentleman Artist

Gentleman Artist

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 04 February 2013 - 08:39 PM

Hello everyone, how are you?

I come to you today because I have a rather annoying issue with my computer. I'm running Windows Vista, Business, X64 or X86 I'm unsure.

My issue is this: Recently my computer picked up some malware, trojans, what have you; and I used malwarebytes to get most of them off.

Once doing a scan in safe mode, as I always do before doing a final scan in the regular mode to get anything else off of the machine, I returned to the normal desktop, and found that everything would freeze up. I could not access my other programs and I was forced to do my work via Safemode with networking.

When I finally got the trojans and malware off of my computer, NOTHINNG is detected, I then loaded up the computer and found to my dismay, that the programs were crashing. Only major programs like Firefox or Opera work properly. As of this moment Adobe Flash is crashing every two miutes, I cannot open a video program without it suddenly shutting down, I cannot type my essays on my word processor.

I cannot even uninstall these programs or make a new user profile on the computer.

This is getting very difficult for me because I usually can fix my issues on my computer because I browse this site so much. However at this point I am at my wit's end and I am trying to get my school assignments and other obligations done and this is just getting in the way.

Any help you all can provide is absolutely desired.

I'll be watching this thread with diligence.

GA

Edited by hamluis, 04 February 2013 - 09:10 PM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Gentleman Artist

Gentleman Artist
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 04 February 2013 - 08:45 PM

In addition it started out as a cookie blocking issue.

#3 Gentleman Artist

Gentleman Artist
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 04 February 2013 - 09:57 PM

Thanks for moving this Hamluis!

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 AM

Posted 04 February 2013 - 10:10 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#5 Gentleman Artist

Gentleman Artist
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 04 February 2013 - 11:22 PM

TSSD KILLER found 0 Results

ASWMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-04 22:21:54
-----------------------------
22:21:54.530 OS Version: Windows 6.0.6001 Service Pack 1
22:21:54.530 Number of processors: 2 586 0x170A
22:21:54.530 ComputerName: USER1-PC UserName: User1
22:22:20.139 Initialize success
22:22:22.418 AVAST engine defs: 13020401
22:22:25.086 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:22:25.086 Disk 0 Vendor: TOSHIBA_MK8032GSX AS112D Size: 76319MB BusType: 3
22:22:25.132 Disk 0 MBR read successfully
22:22:25.132 Disk 0 MBR scan
22:22:25.975 Disk 0 Windows VISTA default MBR code
22:22:26.053 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76317 MB offset 2048
22:22:26.770 Disk 0 scanning sectors +156299264
22:22:26.973 Disk 0 scanning C:\Windows\system32\drivers
22:22:44.454 Service scanning
22:23:09.553 Modules scanning
22:23:18.010 Disk 0 trace - called modules:
22:23:18.026 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys tcpip.sys NETIO.SYS
22:23:18.026 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e21ac8]
22:23:18.556 3 CLASSPNP.SYS[887b2745] -> nt!IofCallDriver -> [0x8589c978]
22:23:18.556 5 hpdskflt.sys[88795090] -> nt!IofCallDriver -> [0x856d0918]
22:23:18.556 7 acpi.sys[8069c6a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x856c4ba0]
22:23:19.633 AVAST engine scan C:\Windows
22:23:22.347 AVAST engine scan C:\Windows\system32
22:24:49.869 File: C:\Windows\system32\trz7146.tmp **INFECTED** Win32:Expiro-BR
22:24:49.947 File: C:\Windows\system32\trz9B93.tmp **INFECTED** Win32:Expiro-BR
22:25:46.227 AVAST engine scan C:\Windows\system32\drivers
22:25:57.758 AVAST engine scan C:\Users\User1
22:25:57.961 File: C:\Users\User1\8225969.exe **INFECTED** Win32:Malware-gen
22:26:00.988 File: C:\Users\User1\AppData\Local\Adobe\OOBE\PDApp\core\PDapp.exe **INFECTED** Win32:Expiro-BR
22:26:03.156 File: C:\Users\User1\AppData\Local\Adobe\OOBE\PDApp\D6\Setup.exe **INFECTED** Win32:Expiro-BR
22:26:10.069 File: C:\Users\User1\AppData\Local\AOL\AIM\aim.exe **INFECTED** Win32:Expiro-BR
22:28:58.924 File: C:\Users\User1\AppData\Local\Temp\1100.tmp **INFECTED** Win32:Expiro-BR
22:28:59.002 File: C:\Users\User1\AppData\Local\Temp\28A.tmp **INFECTED** Win32:Expiro-BR
22:28:59.080 File: C:\Users\User1\AppData\Local\Temp\4059.tmp **INFECTED** Win32:Expiro-BR
22:28:59.580 File: C:\Users\User1\AppData\Local\Temp\C833.tmp **INFECTED** Win32:Expiro-BR
22:29:00.999 File: C:\Users\User1\AppData\Local\Temp\FDDE.tmp **INFECTED** Win32:Expiro-BR
22:31:33.425 File: C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\706c6402-66759f34 **INFECTED** Win32:Malware-gen
22:35:03.049 File: C:\Users\User1\Desktop\AdobeApplicationManager.exe **INFECTED** Win32:Expiro-BR
22:35:54.632 AVAST engine scan C:\ProgramData
23:01:12.558 Disk 0 MBR has been saved successfully to "C:\Users\User1\Desktop\MBR.dat"
23:01:12.558 The log file has been saved successfully to "C:\Users\User1\Desktop\aswMBR.txt"

The final program is still scanning.

#6 Gentleman Artist

Gentleman Artist
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 05 February 2013 - 03:56 PM

EDST SCANNER RESULTS

C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\10376\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\10376\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\10376\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\10376\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\11085\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\11085\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\11085\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\11085\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\1151\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\1151\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\1151\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\1151\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\126\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\126\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\126\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\126\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\14413\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\14413\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\14413\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\14413\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15757\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15757\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15757\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15757\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15827\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15827\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15827\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\15827\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\16920\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\16920\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\16920\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\16920\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\17349\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\17349\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\17349\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\17349\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\19\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\19\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\19\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\19\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\20368\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\20368\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\20368\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\20368\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\22482\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\22482\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\22482\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\22482\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2251\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2251\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2251\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2251\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2292\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2292\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2292\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2292\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2446\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2446\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2446\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\2446\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\25297\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\25297\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\25297\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\25297\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26018\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26018\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26018\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26018\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26476\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26476\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26476\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26476\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26603\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26603\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26603\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26603\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26887\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26887\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26887\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\26887\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28026\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28026\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28026\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28026\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28072\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28072\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28072\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\28072\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29283\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29283\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29283\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29283\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29591\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29591\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29591\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29591\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29601\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29601\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29601\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\29601\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3071\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3071\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3071\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3071\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\30851\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\30851\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\30851\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\30851\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31416\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31416\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31416\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31416\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31511\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31511\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31511\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\31511\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32474\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32474\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32474\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32474\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32601\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32601\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32601\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\32601\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3319\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3319\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3319\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\3319\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\4184\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\4184\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\4184\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\4184\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\5766\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\5766\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\5766\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\5766\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\6058\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\6058\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\6058\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\6058\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8288\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8288\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8288\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8288\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8781\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8781\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8781\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8781\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8843\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8843\AdobeARM.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8843\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\$Recycle.Bin\S-1-5-21-2102897693-2941571450-86358745-1000\$R5875HM\Reader_10.1.3\8843\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\AeriaGames\Shaiya\CONFIG.exe Win32/Expiro.NAN virus
C:\AeriaGames\Shaiya\Updater.exe Win32/Expiro.NAN virus
C:\Kernels\drivers.vbs BAT/CoinMiner.X trojan
C:\Kernels\processor.bat BAT/CoinMiner.X trojan
C:\Program Files\7-zip\7z.exe Win32/Expiro.NAN virus
C:\Program Files\7-zip\7zFM.exe Win32/Expiro.NAN virus
C:\Program Files\7-zip\7zG.exe Win32/Expiro.NAN virus
C:\Program Files\Adobe\Adobe Help\Adobe Help.exe Win32/Expiro.NAN virus
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32Info.exe Win32/Expiro.NAN virus
C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe Win32/Expiro.NAN virus
C:\Program Files\Adobe\Reader 10.0\Reader\arh.exe Win32/Expiro.NAN virus
C:\Program Files\Adobe\Reader 10.0\Reader\Eula.exe Win32/Expiro.NAN virus
C:\Program Files\Analog Devices\SoundMAX\MUI\smmui.exe Win32/Expiro.NAN virus
C:\Program Files\Analog Devices\SoundMAX\DevSetup.exe Win32/Expiro.NAN virus
C:\Program Files\ATI\CIM\Bin\ATISetup.exe Win32/Expiro.NAN virus
C:\Program Files\ATI\CIM\Bin\InstallManagerApp.exe Win32/Expiro.NAN virus
C:\Program Files\ATI\CIM\Bin\Setup.exe Win32/Expiro.NAN virus
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe Win32/Expiro.NAN virus
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\installShell.exe Win32/Expiro.NAN virus
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Full-Existing\DXStress.exe Win32/Expiro.NAN virus
C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Vista\cccprev.exe Win32/Expiro.NAN virus
C:\Program Files\Audacity\audacity.exe Win32/Expiro.NAN virus
C:\Program Files\AVAST Software\Avast\aswRegSvr.exe Win32/Expiro.NAN virus
C:\Program Files\CCleaner\CCleaner.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\tools\7za.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\AAMHelper.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\AdobeApplicationManager(URIHandler).exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\AdobeApplicationManager.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\D6\Setup.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\DECore\DE5\resources\libraries\Adobe_Helperx32.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\DECore\DE6\resources\libraries\Adobe_Helperx32.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\DECore\Setup.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\DWA\Setup.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\LWA\AAM Registration Notifier.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\LWA\adobe_licutil.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\P6\AAM Registration Notifier.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAMLauncher.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Apple\Apple Application Support\defaults.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Java\Java Update\jaucheck.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Java\Java Update\jaureg.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Java\Java Update\jucheck.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\KAudP\FltrInst.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\LQCVFX\HWRendererTest.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\LQCVFX\ModelFileHandler.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\LQCVFX\VideoEffectsPerfMon.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\LVMVFM\fltrinst.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPLChainUpdater.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\MV\fltrinst.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\LogiShrd\WUApp32.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\FlickLearningWizard.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\InkWatson.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\IpsOptInSrv.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\pipanel.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe Win32/Expiro.NAN virus
C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\BigBang\CLUpdater.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\PDR32Agent\PDR32Agent.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\Trial\Trial.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\Trial\TrialMgr.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\CES_AudioCacheAgent.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\CES_CacheAgent.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\MotionMenuGenerator.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\PowerDirector\UACAgent.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\Shared files\EffectExtractor.exe Win32/Expiro.NAN virus
C:\Program Files\CyberLink\WaveEditor\MUITransfer\MUIStartMenu.exe Win32/Expiro.NAN virus
C:\Program Files\GRETECH\GomPlayer\GOM.EXE Win32/Expiro.NAN virus
C:\Program Files\GRETECH\GomPlayer\GrLauncher.exe Win32/Expiro.NAN virus
C:\Program Files\GRETECH\GomPlayer\Popup.exe Win32/Expiro.NAN virus
C:\Program Files\GRETECH\GomPlayer\ShellRegister.exe Win32/Expiro.NAN virus
C:\Program Files\GRETECH\GomPlayer\srt2smi.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\Drivers\Global\HPMDP\x86\HPSERVICE.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\Drivers\Global\HPMDP\InstHPMDP.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\hpcplapp.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\HpTile2.exe Win32/Expiro.NAN virus
C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\hptileapp.exe Win32/Expiro.NAN virus
C:\Program Files\Image-Line\Downloader\Update\Updater.exe Win32/Expiro.NAN virus
C:\Program Files\Image-Line\Downloader\ILDownloadManager.exe Win32/Expiro.NAN virus
C:\Program Files\Image-Line\FL Studio 10\System\Tools\BeatSlicer\zx_bs_d.exe Win32/Expiro.NAN virus
C:\Program Files\Internet Explorer\iexplore.exe Win32/Expiro.NAN virus
C:\Program Files\Windows Mail\WinMail.exe Win32/Expiro.NAN virus
C:\Program Files\Windows Media Player\wmplayer.exe Win32/Expiro.NAN virus
C:\Program Files\WinRAR\WinRAR.exe Win32/Expiro.NAN virus
C:\Program Files\Wondershare\Photo Recovery\LiveUpdate.exe Win32/Expiro.NAN virus
C:\ProgramData\Yahoo!\YUpdater\yupdater.exe Win32/Expiro.NAN virus
C:\ProgramData\dsgsdgdsgdsgw.js JS/Agent.NID trojan
C:\SwSetup\MMODEM\Conexant\Vista32\UIU32m.exe Win32/Expiro.NAN virus
C:\SwSetup\MMODEM\Conexant\Vista32\XAudio.exe Win32/Expiro.NAN virus
C:\SwSetup\MMODEM\LSI\Vista32\agrsmdel.exe Win32/Expiro.NAN virus
C:\SwSetup\MMODEM\LSI\Vista32\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\MMODEM\LSI\Vista64\agrsmdel.exe Win32/Expiro.NAN virus
C:\SwSetup\MMODEM\LSI\Vista64\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\Conexant\Vista32\UIU32m.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\Conexant\Vista32\XAudio.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\LSI\Vista32\agrsmdel.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\LSI\Vista32\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\LSI\Vista64\agrsmdel.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39689\flat\LSI\Vista64\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Win32\instmsia.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Win32\instmsiw.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Win32\Setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Win64\instmsia.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Win64\instmsiw.exe Win32/Expiro.NAN virus
C:\SwSetup\SP39805\Setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP41387\Setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\amd64\Vista\smax4pnp.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\i386\Vista\aeadisrv.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\i386\Vista\smax4pnp.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\i386\DevSetup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\MUI\smmui.exe Win32/Expiro.NAN virus
C:\SwSetup\SP43555\SM_Panel\x86\SoundMAX.exe Win32/Expiro.NAN virus
C:\SwSetup\SP44850\Bin\ATISetup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP44850\Bin\InstallManagerApp.exe Win32/Expiro.NAN virus
C:\SwSetup\SP44850\Bin\Setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP44850\Setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP45131\LMSSOL\LMS\LMS.exe Win32/Expiro.NAN virus
C:\SwSetup\SP45131\LMSSOL\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP45131\MEI\setup.exe Win32/Expiro.NAN virus
C:\SwSetup\SP47282\x86\HPSERVICE.exe Win32/Expiro.NAN virus
C:\SwSetup\SP47728\DriverInstall.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\VECP\VISTA_64\sskinst.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\SSDelAll.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\SSIcon.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\SSinst.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\ssinstad.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\SSndii.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\SSOpen.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\DATA\wiainst.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\Printer\GDI\VISTA\coinst.exe Win32/Expiro.NAN virus
C:\Temp\ML-1740\Printer\GDI\VISTA_64\coinst.exe Win32/Expiro.NAN virus
C:\Users\All Users\Yahoo!\YUpdater\yupdater.exe Win32/Expiro.NAN virus
C:\Users\All Users\dsgsdgdsgdsgw.js JS/Agent.NID trojan
C:\Users\User1\AppData\Local\Adobe\OOBE\PDApp\core\PDapp.exe Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Adobe\OOBE\PDApp\D6\Setup.exe Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\AOL\AIM\aim.exe Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Default\aadfdedaggdjdfdedfdedidbdedagcdi\background.js Win32/TrojanDownloader.Tracur.V trojan
C:\Users\User1\AppData\Local\Temp\1100.tmp Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Temp\28A.tmp Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Temp\4059.tmp Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Temp\C833.tmp Win32/Expiro.NAN virus
C:\Users\User1\AppData\Local\Temp\FDDE.tmp Win32/Expiro.NAN virus
C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\706c6402-66759f34 a variant of Win32/TrojanProxy.Agent.NKQ trojan
C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\73a3a082-709fd394 Java/Exploit.CVE-2012-5076.P trojan
C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\2f725458-6769e48b Java/Exploit.CVE-2012-1723.EL trojan
C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\1421ff63-5880e614 Java/Agent.FH trojan
C:\Users\User1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\4db105b4-41e685a1 Java/Agent.FH trojan
C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\us5uliiq.default-1359654496216\extensions\{ec9032c7-c20a-464f-7b0e-13a3a9e97385}\components\red.js JS/Redirector.NBI trojan
C:\Users\User1\Desktop\Old Firefox Data\extensions\{ec9032c7-c20a-464f-7b0e-13a3a9e97385}\components\red.js JS/Redirector.NBI trojan
C:\Users\User1\Desktop\AdobeApplicationManager.exe Win32/Expiro.NAN virus
C:\Users\User1\8225969.exe a variant of Win32/Injector.ABWU trojan
C:\Windows\System32\trz7146.tmp Win32/Expiro.NAN virus
C:\Windows\System32\trz9B93.tmp Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6001.18096_none_cb93e139188459ef\infocard.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-blb-engine-main_31bf3856ad364e35_6.0.6001.18000_none_e3e1f5f7ffbfe8d9\wbengine.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6001.18000_none_b6798caa9a04157b\dfsr.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18639_none_2f4a9e431a0ea795\iexplore.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-installer-executable_31bf3856ad364e35_6.0.6001.18000_none_498174cc8619e2a5\msiexec.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\WinMail.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\WinMail.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18528_none_0b5c2f154f22adf2\wmplayer.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.0.6001.18000_none_8644ff1aeae0de50\msinfo32.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-security-licensing-slc_31bf3856ad364e35_6.0.6001.18000_none_4e777d79f985fac8\SLsvc.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pipanel.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..flicklearningwizard_31bf3856ad364e35_6.0.6000.16386_none_0b4aec3474d90358\FlickLearningWizard.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\InputPersonalization.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\IpsOptInSrv.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\ShapeCollector.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6002.18005_none_41978c01c3760094\InputPersonalization.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6002.18005_none_41978c01c3760094\IpsOptInSrv.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-tabletpc-inkwatson_31bf3856ad364e35_6.0.6001.18000_none_085728f200fb9954\InkWatson.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-tabletpc-inputpanel_31bf3856ad364e35_6.0.6001.18000_none_118f15c677824d1e\TabTip.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_1ff70f6be8780df0\mscorsvw.exe Win32/Expiro.NAN virus
C:\Windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3dd\SearchIndexer.exe Win32/Expiro.NAN virus

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:07 AM

Posted 05 February 2013 - 03:59 PM

Win32/Expiro is a dangerous polymorphic file infector.It has infected most of your EXE files.I would suggest you to back up your important files (excluding any EXE files) and perform a clean install.Cleaning this infection would cause more damage to the PC.

#8 Gentleman Artist

Gentleman Artist
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 05 February 2013 - 04:24 PM

A clean install of Vista....okay...now I'm going to have to get a copy of Vista....sigh....

Jesus....




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users