An online scan found the following:Berbew.I

Online scanning facility : http://www.ravantivirus.com/
{Scan without subscription}

Def file last updated:
Wednesday, November 10, 2004 23:59:25

Online Log file found :

Scan started at 11/19/2004 6:09:16 AM

Scanning memory…
Scanning boot sectors…
Scanning files…
C:\WINDOWS\system32\ceshgz.exe - Backdoor:Win32/Berbew.I → Infected
C:\WINDOWS\system32\icvstj.exe - Backdoor:Win32/Berbew.I → Infected
C:\WINDOWS\system32\kfftnb.exe - Backdoor:Win32/Berbew.I → Infected
C:\WINDOWS\system32\Mjlefmkn.exe - Backdoor:Win32/Berbew.I → Infected
C:\WINDOWS\system32\phqghu.exe - Backdoor:Win32/Berbew.I → Infected
C:\WINDOWS\system32\Qodnqoje.exe - Backdoor:Win32/Berbew.I → Infected

Scanned

Objects: 43227
Directories: 3980
Archives: 6446
Size(Kb): -1286828
Infected files: 6

Found

Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 33

Hi,

if uptodate avast doesn’t detect them, please send the files in a password-protected archive to
virus (at) avast.com

supply archive-password & info in the mail-text

Info&Removal for the Worm:
http://www.virusbtn.com/perlbin/vgrep/vgrep.cgi?terms=Berbew.I&product=16

VB_For_Dummies,

can you please create a HijackThis log and send it to me, so I can check if my analyzer can detect them? (if not, I will add them ofcourse)

Thanks in advance.

Done !

Done! Sent To:Edited after post read .

Thanks checking everything right now.

Edit: thanks to that log I was able to add 5 new items in the databases to recognize.