My PC is infected?

I´ve downloaded a file and I think it is a virus or trojan. No antivirus program have detected it, but I´m shure this is a virus.

http://tinypic.com/insbb8.jpg

I´ve just downloaded it, zipped using 7zip and sent it to Happy Bytes. The problem is that I can´t delete the file anymore. Alert mensege appears saying that the file is running and can not be deleted... I think i´m infected, but I didn´t open the file. I possible to be infected without running the file? Please, add fast a signature for this file!

 

What makes you think that this is a virus and not spywre/malware. Why not also try running a spyware/malware remover and see what results you get.

Also have you tried deleting it in Safe Mode ?

 

how can I enter the safe mode?

 

Ok, I´ve enter in safe mode and deleted the file. Thanks. Hope Eset adds a signature for this file.

 

I´ve sent the file to KAV labs too:

"Hello.
No malicious software was found in the attached file.
-----------------
Regards, Alexey Malanov
Virus Analyst, Kaspersky Lab."

So what this file is? Maybe a corrupted virus? So why I wasn´t able to delete the file? The spam I´ve reicived with this file has all the characteristics of an infected e-mail... any opinions?

 

Now I got a problem.. I can´t delete the file in safe mode too..

I have Process Guard. When I try to execute the file, PG says the file is launched by explorer.exe, and the command line is: "c:\Windows\System32\ntvdm.exe" -f -i7

 

That's the 16Bit Virtual Machine

 

May you translate this? Is it a virus? Why I can´t delete it, even in safe mode?

 

That is a system part. It's the support for 16Bit Dos Apps etc...

And by the way you're submitting "This Page could not be found" HTML Error Files from AOL as virus. Of course everybody will reply it's clean

As i told you before - That Firefox offers something to save doesn't mean it's able to download this executable. It only saves the html error page.

 

So what is this file doing on my desktop? And why I can´t delete it? Its not an HTML file, and I´ve downloaded it from the link i´ve sent to you..

hxxp://tinypic.com/inv9g8.jpg

 

Are you trying to educate me about file types and malicous code?
You have already the gurantee that you will fail

Open Notepad. Drag this vercartao.exe from your desktop into notepad - make screenshot and post here...

 

hi!

download unlocker from the web and "unlock" it from explorer
if u get an empty screen - press ctrl+alt+del to get into taskmanager
in taskmanager goto "run" and type explorer.exe
after that delete that file from desktop
hope that helps...

 

This file isn't infected. It's a normal HTML file. There is some "valid" opcode (from a 16 bit dos app view) that's why it starts the 16-bit vm system on his system, because he tried to start this executable (which isn't a executable at all even if it has .exe file suffix)
You can also start some GIF files in the command window as .COM - that doesnt automatically mean that a GIF file is malicious...

 

WoW, new avatar! An eset employee?

 

... https://www.wilderssecurity.com/showthread.php?t=111116 ...

 

WoW

 

Happy Bytes,

I´m not trying to educate you. I know you are one of the best AV specialist on the world.

I just don´t understand what is happening with this file on my computer.

Tryed unlocker, but still can´t delete this file.

 

You might try this:

MoveOnBoot

 

Go to www.excessive-software.eu.tt and download my avast! External Control (don't worry if it says that you don't have avast! installed).
Use "Advanced File Remover" feature, select the file and say goodbye to it

 

Thanks RejZoR, the file was removed!

I´ve reicived this file in some kind of Love letter... like "click here and see who sent this letter to you". I was shure it was a virus... but Eset and KAV labs said this is not a virus. What is the intention of this e-mail and this file? Just annoying the user?

 

maybe juast a spam mail. If eset and kaspersky labs said that its not a virus then you are safe dont be so paranoid

 

you also could have dragged the file itself into "system symbol" (u know, the old DOS), just before you add "del" + one space to the command line.