MS04-028 JPEG Exploit on Windows Vista (32 bit)

[GuitarGuy]

Hello,

I have Windows Vista Business edition installed on my laptop. Yesterday, I transferred few pictures from my cell phone to my laptop using bluetooth.

When I open the pictures using 'Windows photo gallery', flip the picture and try to save it, avast reports a warning -

"C:\Users\User\AppData\Local\Temp\~PI12A7.tmp" contains a virus.
Malware Name: MS04-028 JPEG Exploit
VPS version: 000783-0, 21-10-2007

I'm unable to repair the virus or delete the ~PI12A7.tmp file manually. I can only use 'Move to chest' option. I wonder why AVAST is unable to fix this problem?

Can anyone suggest solutions?

[oldman]

You could upload the file to www.virustotal.com and see if any other scanner detects any thing. You will have to move it from the chest to a temporary location to submit it.

[Maxx_original]

guitarguy: simply because the file is used by another process when scanning (with 99% of probability)..

[igor]

Well, I'd rather vote for the remaining 1%

avast! can't repair it because the file is not repairable.
Anyway, can you send us the file (you can do it directly from the Chest)?
Or, even the original picture might be useful, if you describe exactly the operations you've done with it.

[Maxx_original]

when the file can't be removed manually and can't be removed by avast, then it really is locked by another process imho.. anyway, it would be good to have the file

[GuitarGuy]

Neither MAPI nor the SMTP is allowing me to send the virus , is there any other way to do so? I've all the infected files in virus chest.

Shall I send the infected files manually using my mail client? ( and is that possible? )

[Lisandro]

is there any other way to do so? I've all the infected files in virus chest.

Maybe extracting them carefully (without double-clicking the extracted files or opening\executing them). Zipping them with a password (like 'virus') and sending to virus (at) avast.com.