Curse

LiamR · Nov 26, 2006, 07:30 PM // 19:30

It seems a huge virus has been shot all over MSN.

Someone sends you a file called

"Is this you in the pic :P"

I clicked accept thinking WTF.

It loaded, AVG popped up saying virus found.

Then, it loaded up ALL my contacts, sending that message forward.

Anyone else experiencing this, how to counter it?

Just a warning

LiamR · Nov 26, 2006, 07:38 PM // 19:38

People this is way important. Nudge!

Tachyon · Nov 26, 2006, 07:38 PM // 19:38

Quote:

Originally Posted by LiamR

how to counter it?

Simple, don't accept anything over MSN. You wouldn't automatically open any old attachment that arrived via email so why do it on MSN?

Antheus · Nov 26, 2006, 07:43 PM // 19:43

Best way is of course to stop using MSN altogether. That thing is a security disaster.

LiamR · Nov 26, 2006, 07:44 PM // 19:44

I meant how to counter it when it is installed. Also, when i open remove programs, i see '888bar'. When i try to remove, it disapears.. i open remove programs again, it's back. Please help T_T

EDIT, I removed msn, stop that Red Engine in his tracks. Shoouldnt it?

Yanman.be · Nov 26, 2006, 08:00 PM // 20:00

I just got it from a mate too. Offcourse, I didn't accept it ,because I know he doesn't speak english.

LiamR · Nov 26, 2006, 08:08 PM // 20:08

Oh, damn. I *think* i removed it.. it stops popping up, not in remove programs list. Eek

exiled mat · Nov 26, 2006, 08:12 PM // 20:12

avg should take care of the virus part for you (if you have the latest version)
and about that 888 bar thingy: try using hitman pro http://www.hitmanpro.com/|
Just install it and it automaticly runs all well known spyware removal tools, that should do the trick

PanGammon · Nov 26, 2006, 09:01 PM // 21:01

Whats MSN :>

Tachyon · Nov 26, 2006, 10:02 PM // 22:02

Download and run this, once it's finished scanning delete (fix) whatever it finds and re-boot your PC.

http://www.majorgeeks.com/VundoFix_d4954.html

No installation is required, it's a stand-alone app. Just run the exe.

Tera · Nov 26, 2006, 11:04 PM // 23:04

lol, ppl are saying dont open anything over msn, and we are giving him links to 'anti virus and spyware' things.
kinda irnoic

cos the same thing could happen

Tachyon · Nov 26, 2006, 11:34 PM // 23:34

Quote:

Originally Posted by Tera

lol, ppl are saying dont open anything over msn, and we are giving him links to 'anti virus and spyware' things.
kinda irnoic

cos the same thing could happen

Quoted for the sole reason of possibly being the dumbest post yet!

Anyway, what's with the "we" part? I haven't seen you offer any advice to sort this guy's problem out. I'm guessing that you haven't downloaded any anti-spyware or anti-virus software before then.

Zarn · Nov 27, 2006, 12:41 AM // 00:41

Best advice is of course never to accept anything through msn, but then again, sometimes u get something from friends, and suddenly something like that pops up and u dont think for a second it may be hazardous.

Well personall Id use Spywareblaster to prevent that crap even entering my pc, and i use Avast as anti virus... I feel that works quite well.

BFG · Nov 27, 2006, 05:21 AM // 05:21

Well, no use telling you what NOT to do in the future. I will assume that you are using WinXP, so getting this off of your machine may not be totally futile. I would suggest the use of Ad-Aware SE and Spybot Search & Destroy to compliment your antivirus. While they may detect malware, the removal part gets tricky sometimes. This seems to be some sort of toolbar or similar item that automagically reappears no matter how many times you delete it. Try running those two programs in Safe Mode and they should be able to remove what they find.

Next, you may want to do a manual search on your machine to find some things that may not belong.

First, you need to reveal hidden files and folders:

Start->Control Panel->Folder Options->View tab->Hidden Files and Folders->Show Hidden Files and Folders
Next, do a manual search.

Start->My Computer->C:/Documents and Settings->(profile name)->Application Data (look for anything that is out of place; don't worry, it will be obvious)
Further your manual search.

Start->My Computer->C:/Documents and Settings->(profile name)->Local Settings->Application Data (do the same as you did above)
Search more.

Start->My Computer->C:/Documents and Settings->All Users->Application Data (again, note oddities)

The folders in the above locations should correspond to software that you have installed on your machine. Anything out of place that you are confident does not belong there (for example, a folder named "888tool" or such) should be deleted. There are times when you'll get the classic "OMG it's being used" error from Windows, but don't fret. Simply reboot into Safe Mode without Networking and banish those bad folders.

This is only a procedure I use to find what the scanners do not find. It may be a waste of time to even look in those locations, but if for just the peace of mind, give it a go.

Tera · Nov 27, 2006, 10:56 AM // 10:56

Quote:

Originally Posted by Azagoth

Quoted for the sole reason of possibly being the dumbest post yet!

Anyway, what's with the "we" part? I haven't seen you offer any advice to sort this guy's problem out. I'm guessing that you haven't downloaded any anti-spyware or anti-virus software before then.

thnx for the comment.

and by 'we' i mean the GW guru community.

And i have downloaded anti virus software and spyware before, but its automated through the systems i use.

I never meant to insult any1, but on other forums i know people who posted links to malicious things under the disguise of anti spyware tools.

you, and other people here may not be doing that, but i just dont want the same thing to happen to someone else.

Gorebrex · Nov 27, 2006, 11:21 AM // 11:21

You can also try Hijack This - http://www.pcworld.com/downloads/fil...scription.html
Good instructions on its use are here http://forums.g4tv.com/messageview.c...hreadid=466949
Also, can you post a pic of your Task Manager, so we can see what processes are running? If something "doesnt look right", you can usually type the process name in your browsers search window, and find out what it is.

TheYellowKid · Nov 27, 2006, 11:52 AM // 11:52

I would say use hjackthis after using Ad-Aware and Spybot. When you use hijackthis search for hijackthis log analyzer so you can see what is dangerous and not, but be careful dont automatically remove everything as this will (prob) damage your system.

Also take a look in your received folder, I think when i got something like this once, there were files in my received and the windows\system folder

Tarun · Nov 27, 2006, 08:59 PM // 20:59

Get Avast and visit www.lunarsoft.net for comprehensive help getting your computer cleaned up good as new.

Superdarth · Nov 28, 2006, 05:47 AM // 05:47

I remember someone posting the solution in the Runescape forums.

The damn mods deleted it though..Jagex's mods are far to trigger happy.