Nasty MSN virus on rampage |
Nasty MSN virus on rampage |
29 Aug 2009, 17:19
Post
#1
|
|
Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 |
Yesterday i myself, Rade, Dutchy and from what i heard JJ too were infected by a nasty msn virus that uses a fake link to what looks like a imageshack link but is infact writen with a uncapitalized L "lmageshack" (don't attempt to visit the site becouse it will get you infected the moment you do so!) and the moment you click it will download a msn virus that will infect your computer msn client and send the same link to other people who would also be affected if they click the link.
Worst part is you will not notice anything of this only the person receiving the link can see it. I spend almost 3 hours together with Rade trying to find a fix i went as far as deleting registy entries from msn and several hidden folders that had stuff in them like contact/login info and costum smilies nothing helped untill i found these tools here: MSN Virus Remover Tools First run the tool called impfix3 and then the MSN Virus remover when you done both windows will prompt you to reboot your system after that the virus should be gone and you can use msn again as you would normaly. Hope this helps all of you who were victim of this. (note this was tested with Windows XP i'm not 100% sure if it works with Vista or Windows 7) -------------------- |
|
|
29 Aug 2009, 18:38
Post
#2
|
|
Group: Project Leader Posts: 5870 Joined: 2 June 2009 Member No.: 10 |
So, if I log in to MSN now, I'll receive an offline message from you which contains that link?
And I will NOT click the link and instead close the message window right away. Is that correct? |
|
|
29 Aug 2009, 18:39
Post
#3
|
|
Gamer Girl Group: Legend Posts: 3808 Joined: 19 June 2009 From: Disboard Member No.: 182 Friendly Freelancer |
Seems like it. If I get that message as well, I will do the same.
|
|
|
29 Aug 2009, 18:46
Post
#4
|
|
Group: Project Leader Posts: 5870 Joined: 2 June 2009 Member No.: 10 |
I logged it without incident. Got no messages. Is that a good sign?
|
|
|
29 Aug 2009, 19:23
Post
#5
|
|
Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 |
the thing with this one is the messeges are only received after you start a conversation with the infected person and it will take a while before the actual link is send making it almost seem as if this person is trying to show you something he/she uploaded there but i got rid of the virus since so you should not receive anything from me.
-------------------- |
|
|
29 Aug 2009, 19:23
Post
#6
|
|
Group: Members Posts: 199 Joined: 9 August 2009 From: Outer Space Member No.: 340 Once you see the blue light you are already dead |
Have seen many virus's like this on my friends msn...
-------------------- |
|
|
29 Aug 2009, 19:37
Post
#7
|
|
Gamer Girl Group: Legend Posts: 3808 Joined: 19 June 2009 From: Disboard Member No.: 182 Friendly Freelancer |
IIRC a similar virus has rampaged on ICQ as well. I hope the people behind MSN Messenger can get rid of that virus altogether.
|
|
|
29 Aug 2009, 19:44
Post
#8
|
|
Group: Members Posts: 565 Joined: 14 June 2009 From: Sri Lanka Member No.: 155 |
This is very common virus. It happens randomly. I have few of my contacts that send them to me from time to time. Just don't click it. If they send a link suddenely, just verify with them first whether they actually sent them. Most links say that it is a photo of a party or someting
-------------------- |
|
|
29 Aug 2009, 19:55
Post
#9
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
Picky's top tip:
Don't click links in MSN which are structured similarly to this QUOTE (Example) Hey I just saw this picture of you! Can't believe you did that... http://virus-link-usually-containing-part-...SN-address.com/
-------------------- |
|
|
29 Aug 2009, 22:53
Post
#10
|
|
Group: Members Posts: 363 Joined: 16 June 2009 From: Irving, TX Member No.: 167 |
good thing i dont use msn anyways its slow as is without virus'. trillian ftw
|
|
|
29 Aug 2009, 23:20
Post
#11
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
good thing i dont use msn anyways its slow as is without virus'. trillian ftw Trillian is good, but very unstable. -------------------- |
|
|
29 Aug 2009, 23:24
Post
#12
|
|
Group: Legend Posts: 731 Joined: 31 May 2009 From: EU Member No.: 8 Projects: SWR Tester Old sneaky german |
Now that was the reason i did install Pidgin.
-------------------- |
|
|
30 Aug 2009, 15:33
Post
#13
|
|
Don't Piss him off. Group: Legend Posts: 132 Joined: 3 June 2009 From: Bombay, India Member No.: 12 Projects: SWR Tester Hookah Addict |
Setting up your account as a standard user instead of an admin and prevent your system from getting hosed FTW. Also firefox + Avast pretty much make sure that you dont end up opening retarded files.
-------------------- I'm not dumb. I just have a command of thoroughly useless information |
|
|
30 Aug 2009, 16:15
Post
#14
|
|
Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 |
^ the thing gets wors the msn virus was only the start.
It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely. I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus. It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old. -------------------- |
|
|
30 Aug 2009, 16:20
Post
#15
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
^ the thing gets wors the msn virus was only the start. It actualy installs something into your windows installation so deeply that it's impossible to get rid of im in the process to backup up all my files now and reinstalling the system entirely. I had a friend over here we spends most of the day trying to get rid of it rewriting the MBR, cleaning the register, windows repair installation, several different versions of anti virus software ranging from avast to nod32 and a whole bunch of online tools offered for free nothing but nothing seemed to get rid of this virus. It also seems to be a very recent thing since the latest internet pages on when it was first spoted are only 3 days old. Hunter, just to confirm, you are actually sure you have a virus. Most MSN "viruses" these days are remote. They give you a spoof site which you enter your password to and then their sever systematically logs into all the accounts that fell for it and send out the virus link to all online contacts. Edit: My point is, you may just have to change your password This post has been edited by Pickysaurus: 30 Aug 2009, 16:21 -------------------- |
|
|
30 Aug 2009, 16:49
Post
#16
|
|
Frontline Chaos mod leader and creator Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of |
I have the same as Hunter (he got the virus trough me): MSN virus seems gone now, but I got a whole load of viruses yesterday. Nod32 didn't do shit, so I used Kaspersky, which did a great job, at least, I thought, because when I started my this morning, I got a notice the Backdoor virus was still here. Talking to Hunter I came to the conclusion I have the same problem as him now...
-------------------- |
|
|
30 Aug 2009, 20:41
Post
#17
|
|
Group: Members Posts: 199 Joined: 9 August 2009 From: Outer Space Member No.: 340 Once you see the blue light you are already dead |
My point is, you may just have to change your password Thats what i told my friend to do and it seemed that the virus was no longer working i.e. i didn't get any more messages like it from them -------------------- |
|
|
30 Aug 2009, 20:52
Post
#18
|
|
Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 |
picky beleive me i had a friend over here who works at a pc store where he gets problems like this one on daily basis and said how 5 out of 100 pcs would require a reinstall when all the tools he has are put to use.
We litterly toke windows appart and looked for any possible trace to remove it yet it kept coming back the fact that this whole virus is also only 3 days old made it extra hard to get rid of it since there was barely any info on it at all. -------------------- |
|
|
30 Aug 2009, 21:12
Post
#19
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
I was giving you the most common solution. You obviously know that you're dealing with something different, sorry I couldn't be of more help
-------------------- |
|
|
31 Aug 2009, 23:06
Post
#20
|
|
Frontline Chaos mod leader and creator Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of |
Well, my pc was really bad thise weekend. Each time I connected to the net it began acting odd and stuff, and I found out the virus was on my external HDD too (it was stupid of me to create a backup while I had the virus) >_>
Anyways, it now seems I finally got rid of it, but I still ain't sure... -------------------- |
|
|
1 Sep 2009, 1:26
Post
#21
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
Is this just a trojan virus or something else?
-------------------- |
|
|
1 Sep 2009, 12:27
Post
#22
|
|
Group: Administrator Posts: 5732 Joined: 31 May 2009 From: The Netherlands Member No.: 1 Projects: SWR Productions Bitch slapping SAGE since 2003 |
if it was the same one as i got it was a virus that ran on the back ground and made trojans and when removed it would re-download it's self with some hidden script (which is no where to be found) and start all over again after the first reboot.
-------------------- |
|
|
1 Sep 2009, 14:12
Post
#23
|
|
Group: Members Posts: 846 Joined: 7 June 2009 From: England UK Member No.: 80 Forum Mechanic |
If i remember correctly one was going around a while ago but as a RAR file it would come up and say something like ''have you seen this picture of me'' and then you would be asked to download the RAR file.
|
|
|
2 Sep 2009, 19:25
Post
#24
|
|
Frontline Chaos mod leader and creator Group: Tester Posts: 493 Joined: 6 June 2009 From: Dordrecht, the Netherlands Member No.: 25 Projects: ROTR Tester Host of |
Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc
-------------------- |
|
|
2 Sep 2009, 19:32
Post
#25
|
|
Officer of the European Continental Army Group: Members Posts: 2351 Joined: 7 June 2009 From: England, Great Britain Member No.: 71 Community Manager at Nexus Mods |
Well, if all else fails, use this: Kaspersky Rescue CD. It seemed this finally cleaned my pc. Do note it takes very long: it took 24 hours to scan my complete pc That looks useful. But why did it take 24hours? Do you have like loads of HDD space and pretty standard RAM/CPU or something? :S -------------------- |
|
|
Lo-Fi Version | Time is now: 26 April 2024 - 20:26 |