I got some nasty thing on my computer

G

Guest

Something takes controll of my AOL instant messenger and sends everyone on my
list a link. If they click on the link it downloads something and if they
run it they get the same trojan or virus. The reason that its spreding so
quick is because you get this link from trusted friends screenames and you
think its ok, but they don't even know that it was sent. I think the creator
has disguised it as a MSN messenger file. All the time I constantly seeing
a pop up message on the MS anti spyware saying the startup program MSN
Messenger 32 has been allowed. I get it all the time. I don't even have
MSN running and I got that pop up. I found it running in my process list 4
times at once. Then if I end them all they just come back. Has anyone
else heard of this and why isn't the spyware picking it up in scans or why is
it allowing the process to keep starting?

Here is the file name I now have web root blocking for me since the MS one
keeps letting slip through. I don't think webroot is working to block it
either because I notice the same file name in my block list 5 times. So its
somehow keeps opening up and running, then I have to keep picking block.

MSN Messener 32 msniu.exe
 
G

Guest

I had a very similar thing come into my computer about a week ago via an IM
from a trusted friend. I, too, made the mistake of clicking on the link to
what I thought were her pictures. I have been fighting to get rid of it
ever since. I used an arsenal of Anti- Spyware programs to include: MS
AntiSpyware Beata 1, Ad-Aware 6.0, Pest Patrol Home, and Norton Antivirus. I
had downloaded all the most recent updated versions of their virus
definitions. After getting clean indications from all of these programs I was
still getting pop ups. I had also gone through my registries and manually
searched and deleted all the known indicators for the quick links virus from
the data sheets on this virus. Needless to say I was extremely frustrated
and was worried that personal information was possibly being compromised. I
was going through this Discussion group to see if anyone else had experienced
a similar problem. I found a posting that recommended using CWShreader and
gave a link. I tried that and it didn't come up with any hits. However, I
followed the information given in CWShredder and went to the site of the
folks who wrote that software. They have a 30 day trial version of Trend
Micro Antispyware. I did some research and found that the company is
reputable and is even traded on the stock exchange. Here is the link to the
trial version of their software:

http://www.trendmicro.com/download/product.asp?productid=62

You will want to use the U.S. version which is the first one on the page.
When I first ran a scan with this software it detected two suspicious files.
Mid way through this first scan I got a notice that virus definition updates
were available. I downloaded these and then ran a second scan. This time
the scan found the initial two suspicious files and an additional nine more
suspicious files. I had the program clean out the bad files and everything
has been running much faster and smoother on my machine since. The pop ups
are gone as well. I will purchase their software once the 30 day trial
period runs out. I strongly recommend this software. It worked where
nothing else did. In fact, I sent it to the person who initially sent me the
IM which had the infecting link and told her that she should send the link to
this trial version of the software to the folks on her IM list so that they
could get rid of the bad programs. For some lucky reason my machine never
sent out any infectred IMs. Perhaps that was because I started getting
warnings from my MS Antispyware right after I clicked on the infected IM
link. By immediately denying some of the offensive software permission to
install on my machine I may have aborted this portion of the virus.

I am in no way connected with the company that makes this software. I am
merely trying to pass on something that worked for me. Good luck. Please
let me know if this removes all the bad stuff from your machine. We should
get this information out to the widest possible audience. At the very least
it will shame the big antispyware companies into producing a updated fix that
will get rid of this crap.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top