system
January 19, 2010, 10:57am
1
I'm really surprised this is a virus. I just did a new install of Windows XP on a brand new, newly formatted hardrive, installed SP2 and SP3, Firefox 3.5.7, and Avast. The OS is only 2 hours old. My first scan of the disk reported this lansetm.exe virus and moved it to the chest. Are you sure this isn't a false positive?
you should have startet you own topic and not inside this
Prevx file info http://www.prevx.com/filenames/3754314808398037163-X1/LANSETM.EXE.html
where did you download all the programs and drivers from?
Hi Pondus,
I posted in Jao’s topic because it was the same question regarding the same virus. But I’ll follow up here.
All the programs and drivers were carefully downloaded directly from the manufacturer’s websites: www.microsoft.com , www.mozilla.com , www.ecs.com.tw, www.airlink101.com , and www.avast.com . The XP install disk is over 5 years old.
I’ve still got all the original zip files sitting on this system. I’ll trying running a thorough scan. I’d guess that if the virus did come from inside one of these zip files, Avast would be able to detect it.
Pondus
January 19, 2010, 12:15pm
2
you can upload the files to virustotal www.virustotal.com when you have the result copy the URL in the addressbar and post it here
and if Polonus is correct (he always is) you may have the virtumonde virus, and probably need the help from essexboy to get it out
Check your computer for Malware with
MBAM http://filehippo.com/download_malwarebytes_anti_malware/
SAS http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?http://www.superantispyware.com/supportfaqdisplay.html?faq=26
come back and tell us if it worked
If anything is found other than cookies you may post the scan logs here
system
January 20, 2010, 8:00pm
3
Information about … lansetm.exe … at the link below :
http://www.browserdefender.com/file/480724/site/01net.com/ (see #13 on the list)#13 on the list.
system
January 21, 2010, 4:50am
4
Thanks for the info CharleyO. My computer uses a Realtek RT8111 Gigabit Ethernet NIC, and the lansetm.exe file is part of that driver package. I downloaded the driver package from:
http://www.ecsusa.com/ECSWebSite/Downloads/DownloadFile.aspx?catid=1&driverid=3185&areaid=2&LanID=9
ECS is the manufacturer of my motherboard, an NFORCE6M-A V2.0
The MD5 is different. My lansetm.exe file is only 56320 bytes, but it comes from a different driver package.
Here’s the virustotal analysis:
http://www.virustotal.com/analisis/16a22f844319328e3bc593378a080063b30bf9fe6ed7a2ebc3acb5f32f744beb-1263927080
2/39 identified the file as a virus. Only Avast and GData labeled the file as a virus.
After today’s Avast db update, I reinstalled the lansetm.exe file into the C:\Windows\Options\Cabs directory, and ran a thorough scan of the directory. It no longer flags this file as a virus.
It was a false positive.
system
January 21, 2010, 8:42am
5
Glad to know all is better, Frobozz.
Please come back often and learn more.
