Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

MSN Virus?


ghost's Avatar
0 0

Hey

I just got this damn thing on my comp, my friend said to me yesterday: "I think I found your pic on myspace!" then sent me a file called "pics.zip" but I was playing a computer game so when I was back on the msn conversation she was already offline so I couldn't accept the file. I was like wtf because she has never seen me in real life and I have never sent her my pictures. Today she sent me that file again saying: "Have you ever saw me Naked? :D"

That line was obviously trying to make me accept it, though instead of accepting it, I asked her why she said she think she found my pictures in myspace. She didn't answer me and after like 10 seconds she got logged off. About 10 minutes later she logged on again and sent me the file again saying: "ok I DO NOT like my new hair color.. but people on facebook do. what do you think? And no laughing! lol".

I've known her for a very long time so I thought she only tried to make me accept the file because she had something else on the zip and trying to give me a good laugh or something like that. So I accepted it (yes, I know, I'm stupid). I scanned it with Norton and it found nothing. So I opened the zip and then saw only one file… I saw it was a dos file and I know it won't do anything on my comp unless I execute it myself so I extracted it and opened it in a hex editor to see if I could see anything there. Nothing found although when I was going to use olly I misclicked and did a double click on it…. The file immedietly deleted itself and norton warned me about service.exe is trying to connect to a dns server. I then blocked it and opened taskmgr and clicked on processor, I then saw service.exe was running so I closed it. I deleted the zip and now I have no idea what's going on. I did a full system scan with Norton and is going to do a scan with ad-aware soon too.

Just wondering if you guys know anything about this. I think its just sending the same file to my other contacts.


ghost's Avatar
0 0

To the best of my knowledge, (And experience with MSN Viruses) they generally 'attack' your computer with addware that sends the same messages to your contacts who you chat with. eg, you have it whoever you talk too gets the message to accept it.]

I dont acually kno what "type" of addware it is but some have been known too moniter your websites visited but i dont know.

Anuyway, hope it helps/.

FireSaleHaxor


ghost's Avatar
0 0

Use your registry backup, and go in to save mode and delete the files, google the EXE to find the changes


spyware's Avatar
Banned
0 0

yah, it's swarming already. Dutch variant confirmed :/.

I stayed clear of danger though.


ghost's Avatar
0 0

A hijack this log could be useful