Hi, I opened a .zip with an "image" on MSN. (Yeah real smart, I know) Anyway my msn keeps sending some random .zip files to all my contacts. I did a cleaning with msnfix and livekill clean mesenger. But it still sends .zip files to my contacts. I did a virus scan on bitdefender.com and it found an infected file C:\WINDOWS\system32\l.exe infected with Trojan.Generic.68912 I tried googling it but no success, can anyone help? Thanks Seb
browse for the file to see if you can find it. go to website below, browse for file again and upload it. it will be checked by 10-12 scanners. http://www.virustotal.com/ ----------------------------- do a online scan: F-secure scan: http://support.f-secure.com/enu/home/ols.shtml uses Internet Explorer only click on the "start scanning button" near bottom of page. click to accept/install the ActiveX applet "accept" the License Agreement, click "full system scan" Once the download completes,the scan will begin automatically.Download may take awhile The scan will take some time to finish. When the scan completes, click the Automatic cleaning (recommended) button. regards
Hi thanks I uploaded the file on virustotal.com, results below. I also lauched the scan with f-secure but it seems it has frozen I'll try again now. Thanks for your help Antivirus Version Last Update Result AhnLab-V3 2007.11.13.0 2007.11.13 - AntiVir 7.6.0.34 2007.11.13 HEUR/Malware Authentium 4.93.8 2007.11.13 - Avast 4.7.1074.0 2007.11.12 - AVG 7.5.0.503 2007.11.12 SHeur.ZGG BitDefender 7.2 2007.11.13 Trojan.Generic.68912 CAT-QuickHeal 9.00 2007.11.12 - ClamAV 0.91.2 2007.11.13 - DrWeb 4.44.0.09170 2007.11.12 - eSafe 7.0.15.0 2007.11.08 suspicious Trojan/Worm eTrust-Vet 31.2.5291 2007.11.13 - Ewido 4.0 2007.11.12 - FileAdvisor 1 2007.11.13 - Fortinet 3.11.0.0 2007.10.19 - F-Prot 4.4.2.54 2007.11.13 - F-Secure 6.70.13030.0 2007.11.13 Email-Worm.Win32.Agent.bl Ikarus T3.1.1.12 2007.11.13 Trojan-PWS.Win32.Lmir.AGP Kaspersky 7.0.0.125 2007.11.13 Email-Worm.Win32.Agent.bl McAfee 5161 2007.11.12 - Microsoft 1.3007 2007.11.12 PWS:Win32/Lmir NOD32v2 2654 2007.11.13 - Norman 5.80.02 2007.11.12 W32/Lmir.JXF Panda 9.0.0.4 2007.11.13 Bck/Agent.HAP Prevx1 V2 2007.11.13 Heuristic: Suspicious File With Persistence Rising 20.18.02.00 2007.11.12 - Sophos 4.23.0 2007.11.13 - Sunbelt 2.2.907.0 2007.11.13 - Symantec 10 2007.11.13 Trojan Horse TheHacker 6.2.9.124 2007.11.13 - VBA32 3.12.2.4 2007.11.11 - VirusBuster 4.3.26:9 2007.11.12 - Webwasher-Gateway 6.0.1 2007.11.13 Heuristic.Malware
boot into safe mode (tap f8 key during reboot, chose first option) attempt to delete the .exe from the system32 dir. while in safe mode run your updated antivirus and any antimalware scanner you might have.if you dont have a antimalware scanner you should get one. regards
ok i booted in safemod and ran the scan on http://support.f-secure.com/enu/home/ols.shtml and it seems to work for now, I restarted once and none of my msn contacts has complained yet... Thanks you Seb
