Generic.peed.eml

Hello Simon,

Please put all files that you suspect that are FPs in ZIP files, protected by the password infected and attach them to a post here. A Virus Analyst will take a look at them and will tell you for sure if they are infections or not (and, if needed, detection will be removed).

Note that there's a 2MB/file limit for attachments.

About the Generic.Peed malware... I don't know what it involves. Maybe a Virus Analyst can answer this question.

Cris.

Generic.Peed.EML is the generic detection for e-mails sent by Peed. They usually contain a link with an IP, like http://10.10.0.201/... and can have a wide variety of subjects. The reason why it BD can not "clean" these infections is because we only have read-only support for inboxes of mail programs (where these emails were probably found). Adding read-write support is complicated, dangerous (since there is no "official" documentation for many of these inbox formats and relying purely on reverse engineering contains a high danger of data corruption) and some times illegal. You can clean them manually, by disabling the real-time protection, deleting the identified mails from you mail client, emptying the trash in your mail client and re-enabling the realtime protection.

As for the other files, as Cris said, please attach them to a post and if they are FP, they will be removed ASAP.

Peed is a family of malware primarily used to create botnets and send spam (it is also known as the "Storm worm", although technically it's not a worm). The typical scenario is:

- The user receives an e-mail with a link in it

- The user visits the given link. If s/he has an unpatched system, the malware installs through exploits. If the system is patched, the malware is offered for download

- If the malware is executed, the computer becomes part of a botnet and starts sending spam.

Also, if you haven't delete the suspected files, please attach them to a post or at least give their detection names so that we can remove any possible FPs.

Best regards

Oh and in the BitDefender Deep Scan does it include a rootkit scan so I don't need to use AVG Anti-Rootkit anymore? (I recently switched from AVG to BitDefender but I kept the anti-rootkit freebie).

Also does the Windows Live Messenger "OnceCare" anti-virus conflict with BitDefender (or any AV for that matter)? I didn't think it was installed; I thought you needed to subscribe to it on www.live.com but I found the executable on my machine. Will they conflict?

Yes, Deep System Scan scans everything - if you put the Scan Level on High.

Windows Live Messenger OnceCare is a online scanner enabled on Windows Live Messenger. It scans when people transfer files to you, and no it does not conflict with BitDefender, on rare occasions it could cause an error to BitDefender Update whilst the BitDefender Updater is running.

Ok thank you.

Well since it scans for Rootkits too does that mean it'll conflict with AVG Anti-Rootkit Free?

Bump goes the weasel

WILL BITDEFENDER's DEEP SCAN CONFLICT WITH AVG Anti-ROOTKIT IF I RUN THEM AT THE SAME TIME SINCE THEY BOTH LOOK FOR ROOT-KITSSSsssssssss. Oh and merry christmasssss and a happy new yearrrrr........................................................................

................

I don't think shouting will help. Why don't you try starting another thread? This one is about Generic.peed.eml, which is nothing to do with AVG.

Couldn't you just answer the question.

@GayusMarius: You should have realized by now that nobody knows the answer (otherwise, someone would have posted).

You could try asking on LiveAssistance.

Cris.