Nasty MSN virus on rampage |
![]() ![]() |
Nasty MSN virus on rampage |
![]()
Post
#1
|
|
![]() ![]() Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 ![]() |
Yesterday i myself, Rade, Dutchy and from what i heard JJ too were infected by a nasty msn virus that uses a fake link to what looks like a imageshack link but is infact writen with a uncapitalized L "lmageshack" (don't attempt to visit the site becouse it will get you infected the moment you do so!) and the moment you click it will download a msn virus that will infect your computer msn client and send the same link to other people who would also be affected if they click the link.
Worst part is you will not notice anything of this only the person receiving the link can see it. I spend almost 3 hours together with Rade trying to find a fix i went as far as deleting registy entries from msn and several hidden folders that had stuff in them like contact/login info and costum smilies nothing helped untill i found these tools here: MSN Virus Remover Tools First run the tool called impfix3 and then the MSN Virus remover when you done both windows will prompt you to reboot your system after that the virus should be gone and you can use msn again as you would normaly. Hope this helps all of you who were victim of this. (note this was tested with Windows XP i'm not 100% sure if it works with Vista or Windows 7) -------------------- ![]() |
|
|
![]()
Post
#2
|
|
![]() ![]() Group: Project Leader Posts: 5870 Joined: 2 June 2009 Member No.: 10 ![]() |
So, if I log in to MSN now, I'll receive an offline message from you which contains that link?
And I will NOT click the link and instead close the message window right away. Is that correct? |
|
|
![]()
Post
#3
|
|
![]() Gamer Girl ![]() Group: Legend Posts: 3808 Joined: 19 June 2009 From: Disboard Member No.: 182 Friendly Freelancer ![]() |
Seems like it. If I get that message as well, I will do the same.
|
|
|
![]()
Post
#4
|
|
![]() ![]() Group: Project Leader Posts: 5870 Joined: 2 June 2009 Member No.: 10 ![]() |
I logged it without incident. Got no messages. Is that a good sign?
|
|
|
![]()
Post
#5
|
|
![]() ![]() Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 ![]() |
the thing with this one is the messeges are only received after you start a conversation with the infected person and it will take a while before the actual link is send making it almost seem as if this person is trying to show you something he/she uploaded there but i got rid of the virus since so you should not receive anything from me.
-------------------- ![]() |
|
|
![]()
Post
#6
|
|
![]() Group: Members Posts: 199 Joined: 9 August 2009 From: Outer Space Member No.: 340 Once you see the blue light you are already dead ![]() |
Have seen many virus's like this on my friends msn...
-------------------- |
|
|
![]()
Post
#7
|
|
![]() Gamer Girl ![]() Group: Legend Posts: 3808 Joined: 19 June 2009 From: Disboard Member No.: 182 Friendly Freelancer ![]() |
IIRC a similar virus has rampaged on ICQ as well. I hope the people behind MSN Messenger can get rid of that virus altogether.
|
|
|
![]()
Post
#8
|
|
![]() ![]() Group: Members Posts: 565 Joined: 14 June 2009 From: Sri Lanka Member No.: 155 ![]() |
This is very common virus. It happens randomly. I have few of my contacts that send them to me from time to time. Just don't click it. If they send a link suddenely, just verify with them first whether they actually sent them. Most links say that it is a photo of a party or someting
-------------------- |
|
|
![]()
Post
#9
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
Picky's top tip:
Don't click links in MSN which are structured similarly to this QUOTE (Example) Hey I just saw this picture of you! Can't believe you did that...
![]() -------------------- ![]() ![]() |
|
|
![]()
Post
#10
|
|
![]() ![]() Group: Members Posts: 363 Joined: 16 June 2009 From: Irving, TX Member No.: 167 ![]() |
good thing i dont use msn anyways its slow as is without virus'. trillian ftw
|
|
|
![]()
Post
#11
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
good thing i dont use msn anyways its slow as is without virus'. trillian ftw Trillian is good, but very unstable. -------------------- ![]() ![]() |
|
|
![]()
Post
#12
|
|
![]() ![]() Group: Legend Posts: 731 Joined: 31 May 2009 From: EU Member No.: 8 Projects: SWR Tester Old sneaky german ![]() |
Now that was the reason i did install Pidgin.
-------------------- |
|
|
![]()
Post
#13
|
|
![]() Don't Piss him off. ![]() Group: Legend Posts: 132 Joined: 3 June 2009 From: Bombay, India Member No.: 12 Projects: SWR Tester Hookah Addict ![]() |
Setting up your account as a standard user instead of an admin and prevent your system from getting hosed FTW. Also firefox + Avast pretty much make sure that you dont end up opening retarded files.
-------------------- I'm not dumb. I just have a command of thoroughly useless information ![]() |
|
|
![]()
Post
#14
|
|
![]() ![]() Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 ![]() |
^ the thing gets wors the msn virus was only the start.
It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely. I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus. It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old. -------------------- ![]() |
|
|
![]()
Post
#15
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
^ the thing gets wors the msn virus was only the start. It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely. I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus. It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old. Hunter, just to confirm, you are actually sure you have a virus. Most MSN "viruses" these days are remote. They give you a spoof site which you enter your password to and then their sever systematically logs into all the accounts that fell for it and send out the virus link to all online contacts. Edit: My point is, you may just have to change your password This post has been edited by Pickysaurus: 30 Aug 2009, 16:21 -------------------- ![]() ![]() |
|
|
![]()
Post
#16
|
|
![]() Frontline Chaos mod leader and creator ![]() Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of ![]() |
I have the same as Hunter (he got the virus trough me): MSN virus seems gone now, but I got a whole load of viruses yesterday. Nod32 didn't do shit, so I used Kaspersky, which did a great job, at least, I thought, because when I started my this morning, I got a notice the Backdoor virus was still here. Talking to Hunter I came to the conclusion I have the same problem as him now...
-------------------- ![]() |
|
|
![]()
Post
#17
|
|
![]() Group: Members Posts: 199 Joined: 9 August 2009 From: Outer Space Member No.: 340 Once you see the blue light you are already dead ![]() |
My point is, you may just have to change your password Thats what i told my friend to do and it seemed that the virus was no longer working i.e. i didn't get any more messages like it from them -------------------- |
|
|
![]()
Post
#18
|
|
![]() ![]() Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 ![]() |
picky beleive me i had a friend over here who works at a pc store where he gets problems like this one on daily basis and said how 5 out of 100 pcs would require a reinstall when all the tools he has are put to use.
We litterly toke windows appart and looked for any possible trace to remove it yet it kept coming back the fact that this whole virus is also only 3 days old made it extra hard to get rid of it since there was barely any info on it at all. -------------------- ![]() |
|
|
![]()
Post
#19
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
I was giving you the most common solution. You obviously know that you're dealing with something different, sorry I couldn't be of more help
-------------------- ![]() ![]() |
|
|
![]()
Post
#20
|
|
![]() Frontline Chaos mod leader and creator ![]() Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of ![]() |
Well, my pc was really bad thise weekend. Each time I connected to the net it began acting odd and stuff, and I found out the virus was on my external HDD too (it was stupid of me to create a backup while I had the virus) >_>
Anyways, it now seems I finally got rid of it, but I still ain't sure... -------------------- ![]() |
|
|
![]()
Post
#21
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
Is this just a trojan virus or something else?
-------------------- ![]() ![]() |
|
|
![]()
Post
#22
|
|
![]() ![]() Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 ![]() |
if it was the same one as i got it was a virus that ran on the back ground and made trojans and when removed it would re-download it's self with some hidden script (which is no where to be found) and start all over again after the first reboot.
-------------------- ![]() |
|
|
![]()
Post
#23
|
|
![]() ![]() Group: Members Posts: 846 Joined: 7 June 2009 From: England UK Member No.: 80 Forum Mechanic ![]() |
If i remember correctly one was going around a while ago but as a RAR file it would come up and say something like ''have you seen this picture of me'' and then you would be asked to download the RAR file.
|
|
|
![]()
Post
#24
|
|
![]() Frontline Chaos mod leader and creator ![]() Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of ![]() |
Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc
![]() -------------------- ![]() |
|
|
![]()
Post
#25
|
|
![]() Officer of the European Continental Army ![]() Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods ![]() |
Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc ![]() That looks useful. But why did it take 24hours? Do you have like loads of HDD space and pretty standard RAM/CPU or something? :S -------------------- ![]() ![]() |
|
|
![]() ![]() |
Lo-Fi Version | Time is now: 24 June 2024 - 3:00 |