Hi .NeXus,
It is cloaked malware and it is being described here:
http://www.prevx.com/filenames/2126489705135194034-X1/PAINT.EXE.html
and related:
http://www.prevx.com/filenames/X1209231862433248165-X1/IMAGES+.EXE.html
A hack like the cheat Garena maphack is the one leading to the paint.exe virus infection.
Number of reports: 41
Number of positive reports: 1
Positive report percentage: 3%
Entry time: 2009-10-07
File name: Paint.exe
File size: 92 KB (94209 bytes)
Md5: 176288f6f22a80c76329853f8535d45b
Loading point information
Execution type: REGISTRY
Registry section: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Entry: mspaint
Look for these in the start-up list: paint.exe / shnlog.exe should not be running there.
Brief description of process
paint.exe is a process associated with the malicious software Backdoor.Win32.Agent.ah. Backdoor.Win32.Agent.ah is a Trojan for the Windows platform. Troj/Agent-GG includes functionality to access the internet and communicate with a remote server via HTTP. Use antivirus software to protect your computer against virus attacks.
What to do with this process?
System process “paint.exe” is reported as a Virus and Trojan!
Your personal data stored on your computer is in danger!
Kill or disable process “paint.exe” and try to remove it from your computer.
After successful removal, try to scan your computer with an updated antivirus and antispyware application,
like MBAM and SAS.
polonus
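
The start-up check described in the post above, written out as an added example (not part of polonus's post): it audits the HKLM Run key for the entry name, file names and MD5 quoted there. `Get-CommandPath` is a hypothetical helper name, and `Get-FileHash` assumes PowerShell 4.0 or later. Name matches alone are only leads; the MD5 match is the strong indicator.

```powershell
# Indicators taken from the post; nothing else is assumed about the sample.
$runKey   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$badEntry = 'mspaint'                            # Run value name
$badNames = @('paint.exe', 'shnlog.exe')         # start-up file names
$badMd5   = '176288f6f22a80c76329853f8535d45b'   # MD5 of Paint.exe

# Hypothetical helper: Run values may be quoted and may carry arguments,
# so pull out just the executable path before inspecting it.
function Get-CommandPath {
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"')          { return $Matches[1] }
    if ($expanded -match '^(.+?\.exe)(\s|$)')   { return $Matches[1] }
    return $expanded
}

$key = Get-Item -Path $runKey
foreach ($name in $key.GetValueNames()) {
    $value = [string]$key.GetValue($name)
    $path  = Get-CommandPath $value
    if (-not $path) { continue }                 # empty value, nothing to check

    $reasons = @()
    if ($name -ieq $badEntry) { $reasons += 'entry name' }

    $leaf = Split-Path -Path $path -Leaf
    if ($badNames -contains $leaf) { $reasons += 'file name' }

    # Hash the file only if it still exists on disk.
    if (Test-Path -LiteralPath $path -PathType Leaf) {
        $md5 = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash
        if ($md5 -ieq $badMd5) { $reasons += 'MD5' }
    }

    if ($reasons) {
        [pscustomobject]@{
            Entry   = $name
            Command = $value
            Match   = $reasons -join ', '
        }
    }
}
```

No output means none of the three indicators was found under that key.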