Jump to content

MSN Messenger Virus Problem


DITPML

Recommended Posts

Okay, I'm an insanely basic computer user, but I'm hoping you fine folks can help me out here.

I got an IM from a friend last night that went something like this:

Friend says:

lol, you'll like this

And then a link is sent as well.

Link to comment
Share on other sites

search for a program called Trojan Hunter Gold and download and install it, then run it and it should get it.  after its gone uninstall it or disable it or w.e u want to do. if your computer is older and u have it constantly scanning then it slows your comp down a LOT (well for me it did, i tested on a couple of my comps and it always slowed the older ones down [900Mhz or lower])

Link to comment
Share on other sites

Well, I did the scan and it didn't pick anything up.  Another program I had going picked something up and said it cleaned it, but I have no idea if it was what I'm looking for.  I really hope that worked.

If anyone else has any suggestions for this problem, by all means.... post away!

Link to comment
Share on other sites

Guest helloimtim

I would get avast and or avg anti virus programs. Both are free and work well. I would start your computer in safe mode with networking and run scans that way. If

Link to comment
Share on other sites

You have the Kelvir Worm there is no doubt as I have tried to worn people as I saw this was going to quickly escalate out of control.  :cry: Even Reuter's IM went down and was infected for a while. See post for original MSN VIRUS ALERT!!! here:

https://testmy.net/topic-4402;all

        The same thing happened to Gore here is a removal tool if will clean most variants of this worm but I'm sure new versions will arise soon it's inevitable :!:  :idea:

Here is Symantec Norton link for removal tool:

W32.Kelvir Removal Tool (FREE):

http://www.sarc.com/avcenter/venc/data/w32.kelvir.removal.tool.html

Sorry if you missed the older post about the MSN VIRUS ALERT!!!  :( that is unfortunate because if more people read it I explained how to proactively avoid it and integrate an AV into MSN IM but alas some will miss my points made or maybe ignore it  ;):haha:. Well look I DO NO about viruses, worms, trojans and malware as well as AntiVirus engines, ect. because I in fact collect them and learn to understand them. I hope I am not comming off as arrogant or sarcastic to anyone because this is not my intention but sorry if it appears that way to anyone. :-P:o

Anyhow here is excerpt from that other post as mentioned above:

"Ok dunno if u ever cleaned it successfully or not but just so u know what it is your MSN worm was a newer nasty one and many variants are coming out of it as well.  It appears to be based off SDBot variant (W32.SpyBot.Worm - name reference see Sophos)  as far as I can tell which has been through many changes and add-ons with added exploits and spreading features for years and has gone through many versions as well as ripped off offshoots from ppl taking the source code and altering it to suite their needs or to be lame and act like they are 1337 like they made something new LOL some are just script kiddiots ROFLMAO :haha: Laughing Anyway should be detected by ESET NOD32 Anti-Virus as well as Trend Micro AV, Symantec Norton AV and I've heard Zone Alarm Security Suite (if u use it's AV ..which is generally pretty weak and not really a reliable enough Anti-Virus solution in my opinion ergo it's crap  evil6) .  Most AV w/ all most current updates should take care of this but I am posting this so everyone is aware that some newer variants will likely be missed in AV detections if they are custom encrypted or obfuscated in some variety of ways so be on the look out especially MSN Instant Messanger users or and IM user (probably) Idea here are some helpful links about it:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KELVIR.N

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FKELVIR%2EN&VSect=Sn

Scroll to middle of forum page here same thing happened to this guy  :and his friends:

http://www.wilderssecurity.com/showthread.php?t=75510

You all can easily check for many W32.Kelvir Worm variants with a free tool from Symantec (as much as I hate Norton Symantec does make many useful FREEWARE removal tools provided u have any idea what your infected with Wink :haha:) Anyway here is the link to W32.Kelvir Removal Tool (FREE):

http://www.sarc.com/avcenter/venc/data/w32.kelvir.removal.tool.html

Also people with MSN IM do this as stated in Wilders Security Forum so eloquently by Gauthreau, "In MSN 7.0 go to Tools -> Options -> File Transfer. Check the box that says "Scan files for viruses using:" Then click the browse button. You want to go to: "C:Program FilesESETnod32.exe"

Conversely, if you have Nod32 installed to the same above directory, you can just copy and past the above directory to the MSN window (quotes included) then OK your way out."

The same goes for whatever AV you may have installed in your system use same steps and put the scanner executable in the text box  from Tools-->Options-->Messages (TAB)-->File Transfer-->CHECK THE BOX-->Browse (for Anti-Virus Scanner Module) or cut and paste it in (example for KAV v4.5.095 user:  C:Program FilesKaspersky LabKaspersky Anti-Virus Personal ProAvp32.exe)  -->Click OK (at bottom of Options)--> YOUR DONE!"

Hope this helps since many people have put good info here to help you but unfortunately aren't sure what sort of infection or malware problem you have on your machine, You do not need to panic and reformat unless your paranoid, this is pointless and will just set you back more than likely. What is on your machine is positively the KELVIR WORM I would bet money on it if I wasn't currently broke. :haha:  :angry5::whaa:

But I would assure you I am right and have been gathering intel on this worm since it infected Gore until now. BTW check out my site if you wish for some Anti-Virus and Anti-Spyware solutions here is a link for my site but I will suggest you stay in this section unless you want to infect yourself with more real viruses that I use to test AVs out with ;):lol:

url snipped by swimmer

Good luck and let us know if you get it fixed or still need help fixing this nasty worm. :);)

Peace,

Azag

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...