Nasty MSN virus on rampage Options

[The_Hunter]

Yesterday i myself, Rade, Dutchy and from what i heard JJ too were infected by a nasty msn virus that uses a fake link to what looks like a imageshack link but is infact writen with a uncapitalized L "lmageshack" (don't attempt to visit the site becouse it will get you infected the moment you do so!) and the moment you click it will download a msn virus that will infect your computer msn client and send the same link to other people who would also be affected if they click the link.
Worst part is you will not notice anything of this only the person receiving the link can see it.

I spend almost 3 hours together with Rade trying to find a fix i went as far as deleting registy entries from msn and several hidden folders that had stuff in them like contact/login info and costum smilies nothing helped untill i found these tools here: MSN Virus Remover Tools


First run the tool called impfix3 and then the MSN Virus remover when you done both windows will prompt you to reboot your system after that the virus should be gone and you can use msn again as you would normaly.

Hope this helps all of you who were victim of this.

(note this was tested with Windows XP i'm not 100% sure if it works with Vista or Windows 7)

[MARS]

So, if I log in to MSN now, I'll receive an offline message from you which contains that link?
And I will NOT click the link and instead close the message window right away. Is that correct?

[Shiro]

Seems like it. If I get that message as well, I will do the same.

[MARS]

I logged it without incident. Got no messages. Is that a good sign?

[The_Hunter]

the thing with this one is the messeges are only received after you start a conversation with the infected person and it will take a while before the actual link is send making it almost seem as if this person is trying to show you something he/she uploaded there but i got rid of the virus since so you should not receive anything from me.

[IonCharge]

Have seen many virus's like this on my friends msn...

[Shiro]

IIRC a similar virus has rampaged on ICQ as well. I hope the people behind MSN Messenger can get rid of that virus altogether.

[Raven]

This is very common virus. It happens randomly. I have few of my contacts that send them to me from time to time. Just don't click it. If they send a link suddenely, just verify with them first whether they actually sent them. Most links say that it is a photo of a party or someting

[Pickysaurus]

Picky's top tip:
Don't click links in MSN which are structured similarly to this

Hey I just saw this picture of you! Can't believe you did that... http://virus-link-usually-containing-part-...SN-address.com/

[C.o.m.m.a.n.d.e....]

good thing i dont use msn anyways its slow as is without virus'. trillian ftw

[Pickysaurus]

good thing i dont use msn anyways its slow as is without virus'. trillian ftw

Trillian is good, but very unstable.

[Wi-Ta]

Now that was the reason i did install Pidgin.

[Prophet of the P...]

Setting up your account as a standard user instead of an admin and prevent your system from getting hosed FTW. Also firefox + Avast pretty much make sure that you dont end up opening retarded files.

[The_Hunter]

^ the thing gets wors the msn virus was only the start.
It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely.

I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus.

It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old.

[Pickysaurus]

^ the thing gets wors the msn virus was only the start.
It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely.

I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus.

It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old.

Hunter, just to confirm, you are actually sure you have a virus.

Most MSN "viruses" these days are remote. They give you a spoof site which you enter your password to and then their sever systematically logs into all the accounts that fell for it and send out the virus link to all online contacts.

Edit: My point is, you may just have to change your password

This post has been edited by Pickysaurus: 30 Aug 2009, 16:21

[Dutchygamer]

I have the same as Hunter (he got the virus trough me): MSN virus seems gone now, but I got a whole load of viruses yesterday. Nod32 didn't do shit, so I used Kaspersky, which did a great job, at least, I thought, because when I started my this morning, I got a notice the Backdoor virus was still here. Talking to Hunter I came to the conclusion I have the same problem as him now...

[IonCharge]

My point is, you may just have to change your password

Thats what i told my friend to do and it seemed that the virus was no longer working i.e. i didn't get any more messages like it from them

[The_Hunter]

picky beleive me i had a friend over here who works at a pc store where he gets problems like this one on daily basis and said how 5 out of 100 pcs would require a reinstall when all the tools he has are put to use.
We litterly toke windows appart and looked for any possible trace to remove it yet it kept coming back the fact that this whole virus is also only 3 days old made it extra hard to get rid of it since there was barely any info on it at all.

[Pickysaurus]

I was giving you the most common solution. You obviously know that you're dealing with something different, sorry I couldn't be of more help

[Dutchygamer]

Well, my pc was really bad thise weekend. Each time I connected to the net it began acting odd and stuff, and I found out the virus was on my external HDD too (it was stupid of me to create a backup while I had the virus) >_>
Anyways, it now seems I finally got rid of it, but I still ain't sure...

[Pickysaurus]

Is this just a trojan virus or something else?

[The_Hunter]

if it was the same one as i got it was a virus that ran on the back ground and made trojans and when removed it would re-download it's self with some hidden script (which is no where to be found) and start all over again after the first reboot.

[Jester]

If i remember correctly one was going around a while ago but as a RAR file it would come up and say something like ''have you seen this picture of me'' and then you would be asked to download the RAR file.

[Dutchygamer]

Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc

[Pickysaurus]

Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc

That looks useful.
But why did it take 24hours?
Do you have like loads of HDD space and pretty standard RAM/CPU or something? :S