• Status: Solved

MSN party_jpg.zip virus help

Last night my computer was infected with the party_jpg.zip virus via MSN messenger. My computer has been running scans and I have downloaded MSNCleaner by InfoSpyware, but the virus files have not been deleted. I don't understand how to or if I can find the file manually to delete it. I read a similar question, ID 22988522, but I am lost. PLEASE help. Thank you!!!
I would try an online scanner, see if that gets rid of the virus:

Trendmicro is a good one.
I happened to be in on the post you mentioned. Combofix got it I believe. Or at least part of it.

Download and Run ComboFix (by sUBs)


Disable your Anti-virus and any real-time Anti-spyware monitors that are running.
Then double click Combofix.exe & follow the prompts.
When finished, it will produce a log for you. Upload that log in your next reply with a new HijackThis log. Upload to the following link and post the link to it back here.


Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note 2: Remember to re-enable your Anti-virus and Anti-spyware.

NOTE: If you have issues connecting to your network or internet after running combofix you can either simply reboot, or do the following:
* Go to Control Panel > Network Connections.
* Right-click the network icons and select "Repair".
Alternately, if the Network icon appears in the notification area in the lower right corner of Desktop, right-click it, and then click Repair from the shortcut menu.

em_8802Author Commented:
Sorry, that was the combofix log.
I don't know where to go from here...
Nothing to be sorry about....you did good. We will need to delete some files. First I would like you to run another tool and upload that log while I go through the combo log.

Please download SDFix and save it to your Desktop.

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Double click on SDFix.exe. It should automatically extract a folder called SDFix to your system drive (usually C:\). Please reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.

Open the SDFix folder and double click on RunThis.bat to start the script.
Type Y and press Enter to begin the script.
It will start cleaning your PC and then prompt you to press any key to Reboot.
Press any key to restart the PC.
Your system will take longer than normal to restart as the fixtool will be removing files.
When the desktop loads the Fixtool will complete the removal and display Finished.
Press any key to end the script and to load your desktop icons.
A text file should automatically open, so please upload the contents to http://www.ee-stuff.com.
em_8802Author Commented:
Well looks like SDFix got most of it anyway. One file I'm not sure on though...


I would recommend you go to http://virusscan.jotti.org, click on Browse, and upload the file for analysis:
NOTE: You may need to enable hidden files and folders to see it.

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for us to see.

If Jotti is too busy you can try these.

em_8802Author Commented:
Last file scanned at least one scanner reported something about: msnchk.exe (MD5: 8130c891d2ecb11be934f2681ac73845, size: 3377 bytes), detected by:
Scanner  Malware name  
A-Squared  X  
AntiVir  X  
ArcaVir  X  
Avast  X  
AVG Antivirus  X  
BitDefender  X  
ClamAV  X  
CPsecure  X  
Dr.Web  X  
F-Prot Antivirus  X  
F-Secure Anti-Virus  X  
Fortinet  X  
Ikarus  Suspect code-parts  
Kaspersky Anti-Virus  X  
NOD32  X  
Norman Virus Control  X  
Panda Antivirus  Trj/Agent.HEH  
Rising Antivirus  X  
Sophos Antivirus  X  
VirusBuster  X  
VBA32  X  
Honestly not sure about that file yet? Wondering if it's part of MSN Cleaner that you ran.

Question, how is it running now? What are you running for an Antivirus, Norton?

Panda ActiveScan also claims to find and heal this. If you still have issues I would recommend trying it.

em_8802Author Commented:
My computer has Symantec Antivirus running.
But my msn seems to be all back to normal now. Thank you so much for your help and patience!
Question has a verified solution.
