Solved

MSN party_jpg.zip virus help

Posted on 2007-11-30
10
1,968 Views
Last Modified: 2013-11-22
Last night my computer was infected with the party_jpg.zip virus via MSN messenger. My computer has been running scans and I have downloaded MSNCleaner by InfoSpyware, but the virus files have not been deleted. I don't understand how to or if I can find the file manually to delete it. I read a similar question, ID 22988522, but I am lost. PLEASE help. Thank you!!!
0
Comment
Question by:em_8802
  • 5
  • 4
10 Comments
 
LVL 21

Expert Comment

by:nizsmo
ID: 20386043
I would try an online scanner, see if that gets rid of the virus:
http://housecall.trendmicro.com/

Trendmicro is a good one.
0
 
LVL 20

Accepted Solution

by:
IndiGenus earned 500 total points
ID: 20386288
I happened to be in on the post you mentioned. Combofix got it I believe. Or at least part of it.

Download and Run ComboFix (by sUBs)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Disable your Anti-virus and any real-time Anti-spyware monitors that are running.
Then double click Combofix.exe & follow the prompts.
When finished, it will produce a log for you. Upload that log in your next reply with a new HijackThis log. Upload to the following link and post the link to it back here.

http://www.ee-stuff.com

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note 2: Remember to re-enable your Anti-virus and Anti-spyware.

NOTE: If you have issues connecting to your network or internet after running combofix you can either simply reboot, or do the following:
* Going to Control Panel > Network Connections.
* Right click on their Network icons & select "Repair"
or
Alternately, if the Network icon appears in the notification area in the lower right corner of Desktop, right-click it, and then click Repair from the shortcut menu.
0
 

Author Comment

by:em_8802
ID: 20386490
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:em_8802
ID: 20386501
sorry, that was the combofix log.
i don't know where to go from here...
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 20386530
Nothing to be sorry about....you did good. We will need to delete some files. First I would like you to run another tool and upload that log while I go through the combo log.

Please download SDFix and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Double click on SDFix.exe. It should automatically extract a folder called SDFix to your system drive (usually C:\). Please reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.

Open the SDFix folder and double click on RunThis.bat to start the script.
Type Y and press Enter to begin the script.
It will start cleaning your PC and then prompt you to press any key to Reboot.
Press any key to restart the PC.
Your system will take longer than normal to restart as the fixtool will be removing files.
When the desktop loads the Fixtool will complete the removal and display Finished.
Press any key to end the script and to load your desktop icons.
A text file should automatically open, so please upload the contents to http://www.ee-stuff.com.
0
 

Author Comment

by:em_8802
ID: 20386667
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 20386726
Well looks like SDFix got most of it anyway. One file I'm not sure on though...

C:\WINDOWS\msnchk.exe

I would recommend you go to http://virusscan.jotti.org, click on Browse, and upload the file for analysis:
NOTE: You may need to enable hidden files and folders to see it.

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for us to see.

If Jotti is too busy you can try these.

http://www.kaspersky.com/scanforvirus.html
http://www.virustotal.com/en/indexf.html
0
 

Author Comment

by:em_8802
ID: 20386749
Last file scanned at least one scanner reported something about: msnchk.exe (MD5: 8130c891d2ecb11be934f2681ac73845, size: 3377 bytes), detected by:
Scanner  Malware name  
A-Squared  X  
AntiVir  X  
ArcaVir  X  
Avast  X  
AVG Antivirus  X  
BitDefender  X  
ClamAV  X  
CPsecure  X  
Dr.Web  X  
F-Prot Antivirus  X  
F-Secure Anti-Virus  X  
Fortinet  X  
Ikarus  Suspect code-parts  
Kaspersky Anti-Virus  X  
NOD32  X  
Norman Virus Control  X  
Panda Antivirus  Trj/Agent.HEH  
Rising Antivirus  X  
Sophos Antivirus  X  
VirusBuster  X  
VBA32  X  
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 20386786
Honestly not sure about that file yet? Wondering if it's part of MSN Cleaner that you ran.

Question, how is it running now? What are you running for an Antivirus, Norton?

Panda ActiveScan also claims to find and heal this. If you still have issues I would recommend trying it.

http://www.pandasoftware.com/activescan/com/activescan_principal.htm
0
 

Author Comment

by:em_8802
ID: 20389479
My computer has Symantec Antivirus running.
But my msn seems to be all back to normal now. Thank you so much for your help and patience!
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question