SN Users - watch out for an MSN worm
 

There is a worm going around some of our members who like to use MSN.

If you get this worm, it will try to pass it on to all other members in your address book. You will be unaware that you machine is sending messages to your friends, pretending to be you.

The text will be random, but will invite you to look at some pictures. I was caught out as the text just happened to be plausible. The file you will receive will be a .zip file.

Inside the zip will be a "picture". It will be called something along the lines of 420.jpg."your hotmail username".com. So its not really a .jpg. Don't run this file. Nasty things happen if you do.

I do not know what the virus is called, no current virus/malware scanner can detect it to my knowledge. I have been analysing a sample of this file for most of the afternoon. I have tried more than 20 AV scanners, and none currently detect the infection. Scanners I have tried include AVG, Norton, McAfee, NOD32 and a whole bunch of spyware/malware scanners.

Mods: I know this is computer related, however there are many members who use MSN but don't look in our computer related area.


If you do get infected, there are means to remove the infection. They are not easy, and there is no way at the current time to know if you have totally removed it. For me, after playing with it, I just rolled back to an image of my machine from y'day.

Each time the virus attempts to send the virus it changes many things. It changes the name of the .zip and the name of the .com. It also changes the names of the registry keys it hides under, and the names of the files it copies onto your machine.

I used a previous registry backup to compare and contrast while examining things (Winpatrol, it detects and informs of changes). First time the virus tried to hide as a print server, second time a video driver, last time a virus scanner. Shame it decided to call itself norton...I kill files like that on sight as a matter of course ;) :lol1:

:wonder: Warning us all nice and early ... you ******* :lol1:


attached actual message and file ... lucky I dont trust you aint it lol

its ok i dont have many friends anyway lol but thanks for the heads up

I got the warning out before you did :smug: :razz:

I mean you didnt get the warning out before you tried to send it to me :lol1::lol1:

I wasn't gonna warn anyone... if you're stupid enough to use NOD LOL

I'll get you next time :p :D

I am one of the infected ones :(

Someone just told me that I sent them my baby cousin's pic (????) and they were trying to open it. I shouted " DON'T!!! I NEVER sent you any baby cousin's pic, and I never asked for your permission to put your pic on Myspace! I don't even visit Myspace FFS!" :brickwall

My apologies to my fistful contacts if they have received any random rabbitting from me on MSN, it was actually dpb :thumb:

LOL only joking, Duncan! :D

This virus needs sorting. Any MSN whizkids here to tell me how to handle it? :confused: I am so close to breaking this fecking laptop! :mad:

:D

You only asked me twice TH , it hasn't happened since though :thumb:

I have no idea how you can get rid of it though

I believe the answer for removal is here:
MSN Hijacked by .com file wrapped up inside .zip - Tech Support Guy Forums

However, it is not for the faint of heart :( It will take you a while to work through all of that. Even when you are done, there is no guarantee there is nothing left.

I am hoping someone will analyze the files I sent to get a quick fix for the issue.

A couple of members somehow got some weird files from me yesterday, Steve. :( Bleddy pain in the @rse it is :mad: I have found a PC doctor in my village newsletter. I shall give him a call tomorrow.

Oh dear, I dont think I have sent anything out, when I got the messages from you there wasn't any files attached, but I do have MSN setup to virus check any files first

When you're next considering a new computer, a little advice.... http://www.graphicdiscount.co.uk/aca...logo-apple.jpg

apple smapple

YouTube - Wild hogs alternative specs :razz:

LMFAO... excellent clip

brilliant clip....shame he didnt impress the tasty bird with his PC :lol1: :lol1: :lol1:

dont tease the natives, they get upset :smug:

apples only last a week or two before they go rotten :razz:

yah because apple don't have problems with trojans :lol::Whatever_

:thumb: yes we dont :smug:

anyway back on topic, thanks for the heads up. I wonder how prevalent this is,because I havent seen any information on the virus boards as of yet , symantec dont seem to have it on theirs etc ??

No idea how popular it is the wild. I just know it was going round a few SN members, or at least had the potential to.

Its an old issue to be fair.. its being making its way around for a while !

MSN Messenger Virus Removal, MSN Virus, Happy-Messaging.com

What the fcuk were you thinking when you opened a zip file from an unknown source. lol

:iamwithst

It comes from people on you MSN list.. thus.. not unknown

8 years with no virus protection whatsoever and still running fine :smug:

It really is so simple I can't understand why MS find protecting you guys so difficult. Any downloaded file is checked by the OS and if it detects an application or installer you are warned and asked if you want to continue. On opening the file, if it contains either you get another warning before you authorise using your admin ID and PW. Any app which utilises key OS protocols requires authorisation on its first activation, after that, if you've still not realised that that JPEG called 'Britney DP Creampie' isn't what it seems then you deserve all the trouble it brings TBH.

Most home users need a web browser, email client, image, music and movie manipulation and convenient storage, and personal contact and diary control. All this ships with every new Mac, and almost every other task the home user could ever need to do is easy and available. If you really need to have an environment exactly like your workplace then fair enough, but in the same vein do you decorate your home to look like your office too ? Why not try something different, you never know, you might like it, being fast, efficient, reliable, productive, easy and pleasing to use, safe, and even stylish. I use both in my work and choose Mac, most whom use other systems don't do so by choice :cuckoo:

BOT - Have fun with your worms :D

If iTunes is anything to go by I'll never get a Mac, God awful bit of software.
(having only recently been brought kicking and screaming to it because of my iPod)

Same principle, but a different bug. We will just have to wait for the files to be analyzed.

As for Apples, when 80%+ don't use them people cannot be bothered to write viruses for them. Just not enough profit to bother with :p

:wonder: I have no protection on my PC... been like this since 98.. never had a single issue.

Oh and I'm sure Vista comes with basically all the stuff you just listed !

Steve jobs himself admitted several years back that the pc won the war.