| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 57756 | 2005-05-11 23:51:00 | wfirewall7.exe VIRUS IN MSN ?? | Lovelee (6586) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 354237 | 2005-05-11 23:51:00 | Good morning Angels !!! I have a mate in ozzieland who has *wfirewall7.exe* in msn ,,, Ive done some searching for it .. or a patch and cant find it .. any help from this area ?? Her MSN asks me if its my pic on some site .. i havent clicked on it. |
Lovelee (6586) | ||
| 354238 | 2005-05-11 23:58:00 | Now im told the virus is called Agabot.ajc | Lovelee (6586) | ||
| 354239 | 2005-05-12 00:22:00 | I would quit MSN for now. And get off the net. This worm can do a bit of damage. That worm is part of (I think), the Bropia.f worm. Or one of its variants. Get the removal tool here securityresponse.symantec.com After she has removed it with this tool, tell her to update Windows, if she hasnt done so. |
Speedy Gonzales (78) | ||
| 354240 | 2005-05-13 23:33:00 | Helo peeps! I have just toured the entire net, only to find this is the only site that has any reference to wfirewall7.exe Whilst my machine is so tight it squeeks, there is no way of guarding against a teenage daughter agreeing to accept a file sent via MSN. wfirewall7.exe is a virus!!!!!! It is not part of the Bropia family. It is something called worm rbot.gen I have just run four virus checkers across my system only to find (thank goodness) that Trends 'house doctor' (free online virus checker) was the only one to find and destroy this virus. Its nasty, its new and please tell your friends!!!! |
BIGricho (8095) | ||
| 354241 | 2005-05-14 01:07:00 | True, I wouldnt have a clue what wfirewall7.exe is but Agabot.ajc is a worm Bropia drops on your system. And this Agabot.ajc can also do DDOS attacks on infected systems. |
Speedy Gonzales (78) | ||
| 354242 | 2005-05-15 11:22:00 | I have the same wfirewall7 issues. I scanned my machine with the Trend Micro online scanner but no virus was found I also tried the Symantec W32.Bropia Removal Tool but it told me I wasn't infected. Maybe because my firewall (Zonealarm) spots this program trying to run which I don't allow has stopped anything being installed. Still, I can't find the file it says it's trying to run and it does not have a valid signature so that makes it suspect. I could probably stop it loading by removing the entries using Hijackthis but until I find out more about it I'm reluctant to do this. Any thoughts? cheers Gordie, UK |
Gordie (8096) | ||
| 1 | |||||