Over 1 million tech questions and answers.

Windows Live Messenger Virus Problems

Q: Windows Live Messenger Virus Problems

I somehow got a virus/worm/thing related to my Windows Live account. Whenever I would log in, I would send a message with a link to all online contacts (the message being "HOT! HOT! www.isexsexsex.com" or something close to that). I would also spam any contacts of mine that came online while I was. I personally couldn't see the message going out, and I was not logged out of my account. I spent half a day trying to get rid of this dang thing before finally giving up. I first changed my password and security question, but that didn't work. Then I went and downloaded and updated every antivirus/antispyware program I could think of (Malwarebytes, Spybot S&D, Crap Cleaner, Glary Utilities, AVG). After everything was fully updated, I disconnected my computer from the internet and ran scans from all of the above mentioned programs. While the scans were going on, I went on to a completely different computer and changed my passwords to all my important web accounts, then changed my Windows Live account password and security question to a completely different password from the rest. After all the scans on the infected computer were completed and everything they found cleaned up, I uninstalled Windows Live completely, then installed it again fresh. I then reconnected to the internet, and tried signing into Windows Live. Same thing happened, I was still spamming people. I then proceeded to go and manually check all my running processes, and they were all legit and clean. At that point I just got fed up and uninstalled Windows Live again, and I haven't installed it since then. I'm told that the only thing left now to get rid of it is a reformat, but I really don't want to have to do that. Is there anything else I can do that I missed? Also, am I freaking out over nothing? I'm afraid that whatever this is that has infected my account can also collect passwords and other personal information from my computer.Forgot to mention, I'm running Windows XP Professional, and was using the latest version of Windows Live Messenger.

RELEVANCY SCORE 200
Preferred Solution: Windows Live Messenger Virus Problems

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Windows Live Messenger Virus Problems

Hi Legile Blade,Before thinking of a reformat, there are still a few steps that can be taken. I want to ask you to do two scans and post me the results. If you did scans with these programs already, please let me know. Did you update the programs you mention in your post you used to scan?Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.ATF-CLEANER------------------Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.For Technical Support, double-click the e-mail address located at the bottom of each menu.Please download SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.alternate download linkNote: The file will be randomly named (i.e. 5mkuvc4z.exe).. Do NOT run a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in Safe Mode.SUPERANTISPYWARE------------------------------Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.DR. WEB CUREIT----------------------Scan with Dr.Web CureIt as follows:Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.Please be patient as this scan could take a long time to complete.When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.Click Select All, then choose Cure > Move incurable.In the top menu, click file and choose save report list.Save the DrWeb.csv report to your desktop.Exit Dr.Web Cureit when done.Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Read other 1 answers
RELEVANCY SCORE 74

Hi, I stupidly clicked on one of the link a friend sent me through msn.
The link derected me to this website and asked me to log in, since then my messenger logs off on its own with a notice saying that i've loged off to another device and sent ppl in my contact list this link: hxxp://thatzz.awesomeofferz.com

i've tried to scan the my computer with AVG-free and it did not help at all. Also try one of the software msn virus removal, and the software couldnt find any malfunction.

Could someone help me please.... Many many thanks

Here's the DDS.txt log:

DDS (Ver_09-01-07.01) - NTFSx86
Run by Cindy at 7:21:59.09 on 12/01/2009
Internet Explorer: 7.0.6001.18000
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.65.1033.18.3068.1761 [GMT -8:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\WLANExt.exe
C:\Wi... Read more

Read other answers
RELEVANCY SCORE 68.4

Ok, so I recently had my ISP changed, and all of a sudden I couldn't get webcams to work on windows live messenger. No one's cams worked, not mine, not my friends, no one.
I called my ISP and they said it wasn't them, I reinstalled messenger, I've had no luck.
I can still make video calls but they're slow and pixelated.
What can I do?????
 

A:Windows Live Messenger Cam Problems

check internet speed what was you on before changing?

http://www.speedtest.net/
 

Read other 1 answers
RELEVANCY SCORE 68.4

Hey there!

I've been having problems with WLM 9.0 (14.0.8064.0206, 14.0.8050.1202). WLM Keeps popping up from the taskbarn everytime I minimize Firefox. When I minimize other windows or applications, WLM keeps it's position in the taskbar like it should.

So there's some kind of problem between WLM and Firefox, but what the problem is, I dont know.

Any thoughts?

A:Problems with Windows Live Messenger 9.0.

Hi,

I have W7 beta 7000, WLM9 and FF latest version and have not noticed this behaviour. Which W7 beta do you use?

Read other 6 answers
RELEVANCY SCORE 68.4

Hi, I have being getting the error since this afternoon now
i have also search tru and read tru many website regarding the error 81000306

Well the Windows Live Messenger works fine earlier this morning while during the noon, me and my housemate changed the ISP since we have being using our friend's internet
And since we have our own ISP now, we switched the router and start using the internet
All works fine accept i cannot access into windows live messenger.
the thing says that It is not connect to .Net Messenger Services.

Runned all the rgsrv32 dll files, cleared the Socks, Flushed the DNS but none ever work.

It is still the same router tho Linksys that the MSN actually work before the switch of ISP
so either there's something wrong with the ISP or there's something that i need to configure.

Any Ideas where i Should start and do?
Thanks in Advances, much is appreciated and if you live in Asia, i'll buy you some beer.

[edit] i'd just noticed that i cant actualyl access into my hotmail accounts nor can i actualyl post anything at certain forum nor does certain microsoft website works, such as entries of windows and stuff

it would only show blank page after i post or login which basically i got nothing

wait maybe it work from which the problem may lies to the internet making most of the page load into blanks
 

A:Problems for Windows Live Messenger

Several current threads on TechSpot about this issue. Please search for information that will help you. If you do not find it from existing threads, please advise.

EDIT: Here's one: http://www.techspot.com/vb/topic125191.html
 

Read other 2 answers
RELEVANCY SCORE 68.4

Hi all, Im hoping someone can help with the new windows live messenger which I have downloaded recently. I cant seem to access some of the content and am being given an error message of " your current security settings prohibit running ActiveX controls on this page. As a result, the page may not display correctly."

I have searched my security settings in IE and Mozilla firefox but it doesnt seem to make any difference.

Any help would be appreciated.......
 

A:windows live messenger problems

A few questions:

1) do you have any firewalls running? Some firewalls can be configured to block ActiveX content, as it a known route of infection.

2) Have you tried uninstalling, downloading a fresh copy, rebooting, and then re-installing. Sometimes this clears up "weird problems" with software.

This will help me and the rest of us see if we can't figure out the source of the problem.
 

Read other 1 answers
RELEVANCY SCORE 68.4

I am having problems with Windows Live Messenger, I have windows Vista, could this be the problem? When I try to sign in, the message either says that my "IP Address is not correct" or that WLM is temporarily unavailable. I have uninstalled, and installed a couple of times, nothing is working. I have tried everything that the messenger help service advises.....NOTHING IS WORKING!!
Can anyone help with what to do.....or is there another messenger service I could use instead?
 

Read other answers
RELEVANCY SCORE 68.4

I downloaded the newer version of windows live messenger, I had to update it because I could not log in. After updating to the 2009 version I signed in and I lost all of my contacts they are all missing . I then up graded by IE to IE8 thinking this was the problem. Well it didn't work. I checked all of my options out and they were what the shoud be. I went to the connections part of the program and noticed that there was and error in my connection I refreshed it and it is still there. I can't use the diagnose connection problems because I don't have access to it. I have removed the program and then reinstalled it and still nothing. I can't send out invitations to invite my old contacts. One of them sent me an IM and the program froze up my cursor had the hour glass beside it and stayed that way for a long time. I then exited the program and it said it was not responding. Can anyone help me. I am running Windows XP. Thanks in advance,
Computernut

Read other answers
RELEVANCY SCORE 68.4

With or without running Kaspersky antivirus trial i cannot access from my windows live messenger my hotmail account. It says something about java not installed or blocked.

I downloaded / updated Java from the Sun site and the old JSE enviroment like it says on your site was deleted . Now Messenger went haywire.

Please help!

first post original logs and problems with "My Computer":

http://www.techsupportforum.com/secu...-high-cpu.html

Thanks!

A:Windows Live Messenger Problems

Please be patient and wait for replies to your first HJT help thread - and do not create new threads to get attention.

Read other 1 answers
RELEVANCY SCORE 68.4

The program is not sending the mails.

A:Problems with Windows Live Messenger

Hello,

Is it possible a firewall is blocking it? Try disabling any anti-virus/firewalls you might have.

You can also try removing the program and reinstalling.

Read other 5 answers
RELEVANCY SCORE 68.4

I cannot see the bar on my windows live messenger Version 9 that tells me who I am talking to in my tabbed chats! It is realy annoying me because I can only talk to one person at a time! What can I do!

A:Windows Live Messenger Problems!

uninstall and reinstall new copy

Read other 1 answers
RELEVANCY SCORE 68.4

Hey guys, I'm really stuck.

I've just downloaded Windows Live Messenger and I can't get it to sign me in.
Every time I click the Sign In button, it pauses for a few seconds and then a box comes up saying:

"Signing in to Windows Live Messenger failed because the service it temporarily unavailable. Error code: 800401f3".

I've been trying to sort out the connections but I have no idea what I'm doing, any help would be muchly appreciated.

Cheers.

 

A:Windows Live Messenger problems

click on the drop down bar and go to tools---->options then select the network tab and try the connection tests and such. Also try advanced connection and let me whats in there if anything.
 

Read other 2 answers
RELEVANCY SCORE 68.4

Hello,

When I try to Log in to my MSN IM, it just freezes and stays frozen till I restart my computer and then it freezes again. I try to you Ctrl+Alt+Del, but it won't load it. Thanks

Corey
 

Read other answers
RELEVANCY SCORE 68.4

Okay, so a few days ago I updated my Windows Essentials and it updated my messenger to 2011. I did not like that version, so I uninstalled it from my laptop. Then I installed an the old version I liked, (or I think I did.)
Anyways, the problem is with my cam.
As you can see, it says "Start or stop a video call" It did not say that before. It used to say " Invite contact to send cam" or " Send your cam". Now it only says "Start or stop video call"
Does anyone know how to fix this and make back to what it said before? I really need it back to that way. Or is there a version of messenger that has it that way? All help is appreciated. Thank you very much.

A:Windows Live Messenger problems

Well, an update, I asked some friends and this is what happened.

This one can see the old version options.
But this friend says that "start or stop video call" is given to him for all his contacts.
But at the same time, this friend said that the option "start or stop video call" is only given to me. To the rest of her contact list, its a normal "send cam" or "start or stop contact's cam"
Is there any way to configure my settings on messenger to show the option "send my cam" or "start or stop contact's cam" instead of "start or stop video call" ??
I would really really appreciate any help on this. Please. All ideas are welcome. I really need the help. PLEASE.

Read other 1 answers
RELEVANCY SCORE 68.4

Hi, new here. Sorry if this is the wrong forum, please move to appropriate one, thanks. :)

Basically I'm on Windows Vista 64-bit, loads of problems with Windows Live. I've always been using old msn, but I accidently now can't go back to it. So I've been struggling for hours trying to sort this, unless I'm doing something wrong, possibly.

Anywho the error is I sign in and straight away (1-5 secs) I get 'Windows Live Messenger has stopped working'. After which the program closes.

After all the trouble and errors I can't get past this one, I'll be honest it is REALLY infuriating me at the moment.

Before hand I used to get an error that it couldn't log in and that there may have been something wrong with servers, or something. I ended the process of the Nvidia Network Access Controller to solve that, but I get this new error now.

Help, anyone?

Thanks in advance.

Sho

A:Windows Live messenger problems.

Hi -

Do you have an Internet Security package installed - Norton NIS, N360; Kaspersky, McAfee, etc...?

jcgriff2

.

Read other 3 answers
RELEVANCY SCORE 68.4

Hi guys, hoping you will be able to help me out with my Windows Live Messenger, Microsoft forced all users to update to this new version, great, well not really for a lot of people, like me :S, I am now receiving error 80040154, I have tried EVERYTHING that I can find to try and fix it with no luck. Internet connection is fine, firewall is set up correct, and so is everything else, I can't find where this error is and nor can I fix it, all help would be appreciated.

Thanks in advance, Jake.
 

A:Windows Live Messenger Problems

Read other 8 answers
RELEVANCY SCORE 68.4

Hi there. had some trouble with WLM, couldn't get signed in. that was resolved (thanks!) but I am having a new problem. I cannot connect to a contact with a gmail address. I added her, and she shows up in my contact list but only appears as offline. We were both on line, but she showed as offline. then it suddenly changed to Mobile, but I could still not connect and chat with her. Other contacts popped up as available and I could chat with them. Is it the gmail that is the problem?

any suggestions?
 

A:Windows live messenger problems

is she signing using a Google Talk or using MSN?? i dont know if it is possible to chat to Gmail users thru Google Talk.
The only way is if she registers her email with .NET Passport and signs in using WLM. did she do that already?
 

Read other 2 answers
RELEVANCY SCORE 68.4

Ok, does this happen to anyone else?
You go to bed, things are working fine, but wake up and it is screwed up?
The midnite gremlins always seem to play havoc with me!
Now when I login to windows live messenger, I get the "so and so wants to add you to their list" box for anyone and everyone who has ever been on my list or in my contact list. I am talking a hundred or more of these boxes I have to manually cancel!

This happened at work, but my home computer was ok.
Now it does it at home, but my new work computer doesn't do it

What is up with messenger?

If you say uninstall and reinstall, how does one save all the custom emoticons? And I did this at my first work computer and it made no difference! You would think that your profile and setup would be the same on any computer but with this it isn't, why not?

Anyone got an idea??????

[email protected] me if u want

Also, does xp have a fix or repair section where it will diagnosis itself and little things will be repaired-such as selective password rememberance, IE7 stuff?

Read other answers
RELEVANCY SCORE 68

Hi,

About 2 weeks ago my entire contact list from Windows Live Messenger disappeared. After trying a lot of different things, I found an easy solution. Somehow all my contacts had been moved to my block list, so I moved them to the allow list and the problem was fixed.

Yesterday, I signed into Windows Live Messenger, and suddenly my contact list disappeared. All my contacts were already on my allow list, so I don't know how to fix this problem. Now I'm constantly getting emails to my hotmail address- from [email protected] with the subject line- Delivery Status Notification (Failure).

It looks to me as though it's some sort of virus/spyware and AdAware, Spybot Search and Destroy and AVG Anti-Spyware have picked up a little bit of spyware, but nothing has fixed my Windows Live Messenger contact list disappeared problem.

Does anyone know how to fix this? I would really appreciate a fix without needing to reinstall messenger and adding all my contacts from scratch.

Thanks in advance everyone!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:32 PM, on 20/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\... Read more

Read other answers
RELEVANCY SCORE 68

Hello all,

I received a virus through Windows Live Messenger through one of my contacts that said: "jesus this picture really looks like you." and the conversation window had a file for download. Foolishly I downloaded the file and now not only do I have the virus, but my Messenger is sending out messages just like the one I opened. I am copying a log file from HJT. I hope this is the right thing to copy. Adaware, Spyware Doctor, and Norton Antivirus cant catch this thing. I appreciate any help on removing it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:39:36 PM, on 12/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program... Read more

A:Windows Live Messenger Virus

Hello r.d.j.,

Welcome to TSG. Malware is showing there, so let's start some repairs now.

Be sure to temporarily disable any protective software when running the scan tools we use here. Very important. You will want to make a copy or have other access to these steps as they will be done without net access.

Open HijackThis, and choose None of the above, just start the program. Click Config Misc Tools Open process manager. From the list, click each of the following if it is present, and Kill Process. Close HijackThis.

C:\WINDOWS\system32\gwqx.exe
Download SDFix.exe and save it to your desktop.

Download ComboFix.exe from here to your desktop.

Now disable your net connection, and if dsl/cable physically disconnect the cable from the machine, if dial-up, the phone line.
===================================================
Reboot into Safe Mode (at startup tap the F8 key and select Safe Mode).
In Safe Mode, click the SDFix.exe and allow it to extract to it's own folder (C:\SDFix). Navigate to that folder and double click RunThis.bat to start the script.

Next type Y to begin the script. Once the fix has run it will prompt you to restart your computer. Press any key to restart at this time. Your system will take longer that normal to restart as the fixtool will be running and removing files.

When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.

Then open the C... Read more

Read other 1 answers
RELEVANCY SCORE 68

Hey guys,

I recently and stupidly opened up a folder entitled "photo album" through a conversation window in the Messenger.....as a result.. i got a virus which would then freeze the MSN and send out the virus files randomly to people
Whenever that happens, trojans would appear and I always have to run AVG - Free Antivirus and Ad-Aware to remove the trojans
these trojans include : BackDoor.Ircbot.BYF
" BYX

.....
ANY HELP FOR REMOVING THEM OR EVEN THE MAIN VIRUS?......help would be greatly greatly appreciated
 

Read other answers
RELEVANCY SCORE 68

I recently accepted a zip file from a friend named 'photo album'. I extracted it and ran the file inside it. Very dumb i know.

Know I have some type of virus on my computer.

When in action it opens and closes WLM windows repetitively (presumably sending the virus in the same way as I received it). Alas, it's happened to quite a few people independent of the apparent chain I'd got myself into, so I assume it's more widespread than I thought.

Can anyone facilitate in helping me remove this Trojan or take appropriate action please?
 

Read other answers
RELEVANCY SCORE 68

Hello,

The name is Michael and I'm here because I'm having trouble with Windows live messenger. I'm actually working on a friend's computer right now; I received a familiar message saying, "hey look at this pic!!" or something like that from her computer, and so I've let her know that shes got a virus. I have her computer for a few days to try to help her out.

Anyway, I've followed the above instructions and here are the files from DSS:

Deckard's System Scanner v20071014.68
Run by Queen layla on 2008-04-10 17:08:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
19: 2008-04-11 02:36:52 UTC - RP246 - Installed SUPERAntiSpyware Free Edition
18: 2008-04-10 19:42:02 UTC - RP245 - Windows Update
17: 2008-04-10 19:22:09 UTC - RP244 - Windows Update
16: 2008-04-09 08:20:01 UTC - RP243 - Scheduled Checkpoint
15: 2008-04-07 19:52:05 UTC - RP242 - Windows Update


-- First Restore Point --
1: 2008-03-13 13:01:20 UTC - RP228 - Windows Update


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 958 MiB (1024 MiB recommended).


-- HijackThis (run as Queen layla.exe) -----------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-10 17:13:53... Read more

A:Windows Live Messenger virus

Biddy biddy Bump bump please.

Read other 4 answers
RELEVANCY SCORE 68

Hi, I have been having a problem with my computer.

I accidentally opened a file from a friend that I believe was a compressed zip file and it said that I was gonna open some picture of some sort.

As it is, I opened it and it happened to be a virus and now it continuously sends it to everyone on my messenger contact list.

I looked at some of the other threads on this website and tried some of the methods but nothing seemed to work, so I decided to add my problem personally.

I am with Windows XP, and I have the Windows Live Onecare virus program.
I should also add that when i did a virus scan, it showed up that the unwanted software "Backdoor:Win32/Sdbot.gen!A" was quarantined, however, the problems i am experiencing are not stoping.

Please help me....
 

A:Windows live messenger virus!!!

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

Read other 1 answers
RELEVANCY SCORE 68

my friend received an IM from someone on her contact list with the msg that went something like.

hey is this your display pic...... (a link was here with her email add)

and she went to click it, on my laptop. -___- so now whenever i use messenger for a few mins, a conversation window opens and flickers in and out. and then my messenger hangs.

arghh it's seriously getting on my last nerve, i have a ton of assignments due and msn is the only way my team members and i can send each other files.

A:Windows Messenger Live Virus

Hello and welcome. Lets start with what is your OS (XP)?What Antivirus and spyware tools do you haveon hand.Have you run a scan from Safe Mode?How to start Windows in Safe Mode

Read other 7 answers
RELEVANCY SCORE 68

Hi,

People on my windows live messenger contact list have been complaining that the y have been getting messages from me displaying links to sites such as freeoffersforyou dotcom. I havent sent these messages and i think i have some sort of virus because when it does it, it allso logs me out of messenger. It also send this message to people in my contact list when I'm offline. I have enclosed the log from the panda scan and the hijack this log. Any help will be greatly appreciated

Cheers
Macca

ActiveScan.txt

Incident Status Location

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Spyware/Vundo Not disinfected C:\Program Files\TrojanHunter 4.7\Quarantine\5R526e.dat
Virus:Trj/Downloader.OZB Disinfected C:\Program Files\TrojanHunter 4.7\Quarantine\9Kv8Tz.dat
Virus:Trj/Downloader.OZ... Read more

A:Windows Live Messenger Virus

Read other 14 answers
RELEVANCY SCORE 68

my contacts within live messenger receive a message from me directing them to a web link ( haha see your photos on myspace etc)
Here is my hjt log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:16, on 07/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Nuance\PDF Professional 5\PdfPro5Hook.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\TomTom HOME 2\TomTomHOME... Read more

Read other answers
RELEVANCY SCORE 68

So it was a normal night, and one of my contacts gave me a random message. He then sent me more and more of the same message. The message was:

So i thought it was some pic, and out of curiosity clicked on it. Then there was nothing but a blank page and a message that said "Do you wish to download this file?" (I was using Google Chrome), so I clicked yes. And then some random .exe file opened up and noth ing really happened after that.

Now, when I go on msn, i automatically spam all my contacts with the "is this you?? thing. My friend said it was a bot virus and he cant stop it himself. Now, i spam people without noticing it, my computer is much slower than usual, and when I play games or full-screen applications, it just automatically minimizes every 5 seconds.

Please Help!!!
 

Read other answers
RELEVANCY SCORE 68

Hi =]
I've messed up my Windows Live Messenger. I got a link from a contact saying something about a photo, and even though i knew not to click it, i did. Curiosity killed the cat. I can't remember the name of the file that came up, but i'm pretty sure it was an MSDOS application.
After i clicked it, it sent the same link to my online contacts, and i uninstalled WLM, thinking that'd fix it. Restarted my system, and downloaded it again, but it won't install. I get the error:

"There was a problem with this installation. Windows Live Suite was not installed.

System error details
Code: 0x80070643
Description: Fatal error during installation"

I downloaded WLM from the official site and i can't find anywhere else to download it from.

Please help, this is driving me mad (even though it's my own fault =[ )
Thank you!
 

A:Windows Live Messenger Virus

I ran HJT and this is what i got. I thought i'd just add as well that since i've done this, my desktop icons and start bar often dissapear, and i've had a lot more popups; most for antivirus things, but also for banks and other things.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:21, on 28/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Fil... Read more

Read other 2 answers
RELEVANCY SCORE 68

I had the "windows live messenger" photo virus cleaned. But my contacts still recieve messages with links to a site with my "windows messenger" nick even when my pc is switched off!!

could it be because my password is saved on some other computer?
wat the hell do i do?
 

A:windows live messenger virus

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:53:00 PM, on 3/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.e... Read more

Read other 1 answers
RELEVANCY SCORE 68

hey,

i do not know anything what so ever about computers etc and i'm sorry if this is the wrong place to come with this issue.

but a few days back my wee sister was on windows live messenger when someone sent her a file saying "i dyed my hair, is this to dark" and there was a "picture" attached. there are a few of these going round, including "i found teh perfect house, look at the garden" and "look at this sunset, wish i was there". everytime on windows messenger now, it sends this file to different contacts even when it says i'm offline.

anywho, i ran some anti-virus programmes and thet didn't seem to pick anything up. they i ran kaspersky and that picked up 2 problems. it deleted one, but the other it doesn;t seem able too. its called "windows\system32\ftkj.exe" i don't know if thats right, its what it says. i really am confused.

i really am sorry it that doesn't make sense, but if you can, please help

A:windows live messenger virus

Click the 5 Steps to Remove Spyware link in my signature below and follow the directions. The 5 Steps will direct you to run multiple online virus scanners to attempt to remove the problem. Step 5 will direct you to post a HijackThis log in the HijackThis Forum Section (not in the XP section) so the HJT analysts can look it over and help you manually remove any threats. Be patient, as the HJT analysts are busy, but they should get to you shortly after you post.

BMR777

Read other 2 answers
RELEVANCY SCORE 68

Yes, I was stupid and I clicked a link sent to me through msn before asking what it was.

The exact words sent from one of my contact's user said:

this really looks like you :S http://photoshare.ph.funpic.de/viewimage.php?=

with my email address after the =

After clicking this link, It opened a file, and then started sending all of my contacts the same message, with my email address replaced by theirs.

I sent a message to them all telling them not to open the link, as it was a virus, and then closed messenger.

After brief checks on google, it looks like this could potentially be quite a bad virus, I haven't had any problems yet other than my messenger sending that link onto all my contacts, but I imagine they will come if I don't do something about it first!

Please help and tell me what to do!

I am running Windows Vista home premium on an advent laptop.

Thankyou in advance.

Nicky.
 

Read other answers
RELEVANCY SCORE 68

Hi guys i have a link virus in my windowa live messenger account. It keeps disconnecting me from msn saying my computer is being used in another location, it adds porno images to my display picture and it keeps sending links to my contacts like: watch my cam at http://www.reddit.com/xxxxx

tried

msn virus remover
spybot search & destroy (safe mode without network)
super anti spyware (safe mode without network)
malware bytes (safe mode without network)
it looks like as if a bot took over of my account. how can i remove this annoying virus?

any help would be appreciated

thanks in advance

Read other answers
RELEVANCY SCORE 68

Hello people who manage this site. I've got this irritating problem in my PC. It all started when a friend of mine unkowingly gave me a file over the msn. The message first said something like "Is this picture tooo sexy to put on Photobucket?" or "I think this picture is terrible but my friends on myspace wants to see it". It was a zip file call "image14.zip" when I downloaded it, there was no pictures except this program that had something to do with MS-DOS. I have forgotten the name of that program because once i clicked on it, my computer went haywire so i deleted it ASAP. When I try to talk with my friends over msn, sometimes msn freezes and started sending random messages that I didn't even type. Similar to the ones above. I checked the Conversation history and relised my computer was trying send the same file "image14.zip" to my contacts but it failed to do so. Now yesterday after i restarted my computer, my computer randomly reboots after 10min. But now it doesn't do that anymore....for now. I scanned the computer with Norton-Anti Virus and Spyware Docter (all up to date) like several times BUT IT COULDN'T DETECT A THING!!! . I know there is a series viruses in here even now when my computer is working fine.

Plz help ASAP.
 

Read other answers
RELEVANCY SCORE 68

Hi, i was in a chat box yesterday and my friend said "hey look at my photo album" and i extracted the file, only to find out its a virius

my norton antivirius doesnt read it being on the pc but i know its there because it keeps making my wlm crash and sends the message to all my online contacts

can you help please?
 

Read other answers
RELEVANCY SCORE 68

Hey, I got the same imagexx.zip virus trojan thing that other people on this forum have been getting. My hijackthis log is below.

-------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:04:41 PM, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvbsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\... Read more

Read other answers
RELEVANCY SCORE 68

The other day I was sent a link by my friend's msn. Not thinking. I went ahead and clicked on it.
I now have an msn virus. I sign in, talk to people for a minute or so, then it starts sending my contacts the same link. My screen freezes, I undo that, but by the time I do, I can no longer start conversations with anyone. I must sign out, and do the whole thing all over again.
I have searched countless forums in order to find out how to get rid of this annoying thing, yet I cannot find an answer. I am ok with computers, but some of the things people are saying are just too confusing for me. I can't figure out where to go on my computer to find a file (if there even is one) to delete.
I don't know the name of the file I clicked on either.
I don't know what to do.
I have tried re-installing messenger, software removal things, anti virus scanners. You name it. It's probably very simple to get rid of, well, I hope so anyway.
Could someone please tell me how to get rid of it, but in a way that I will understand!
 

A:Windows Live Messenger Virus

Hi, Welcome to TechGuy.org!

You are sure you have malware so you must post your thread in our Malware Removal forum....I can assist you with doing that.

First, those who can help you need you to post a Hijackthis log as a start. We use that tool to give a general idea of the system plus it does show some of the malware. You are also asked to post a second log from Hijackthis to show the list of installed software.

If you suspect you have any malware, I suggest you post a Hijackthis log in our Malware Removal forum
go to Click here to download HJTinstall.exe
Click the blue "Download the Hijackthis Installer" link
Save HJTinstall.exe to your desktop. DO NOT just press run from the website
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then save the log and then the log will open in Notepad.
Don't use the Analyse This button, its findings are dangerous if misinterpreted
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Paste the log in your next reply.
... Read more

Read other 1 answers
RELEVANCY SCORE 68

Hi
Yesterday I recieved a message from a friend with a link about something to do with a photo of me, it had my email address in the link and as it came from a good friend, I stupidly clicked on it.
Ever since it has sent the same message to all my friends on messenger, and it has caused messenger to close down all the time and flicker conversation windows on and off all the time!
Im not very computer literate, (i know the basics) so I would really appreciate some help on this!
I ran my windows system scan, and it didnt seem to find anything, yet I suspect after reading other threads it is somehow still on my computer!
Any help would be gratefully appreciated, im starting to panic now!
Kind Regards!
 

Read other answers
RELEVANCY SCORE 68

Hello.

I recently accepted a zip file from a friend named 'photo album'. I extracted it and ran the file inside it (in hindsight this was a bit stupid).

So it would appear I have some sort of Trojan on my computer.

When in action it opens and closes WLM windows repetitively (presumably sending the virus in the same way as I received it). Alas, it's happened to quite a few people independent of the apparent chain I'd got myself into, so I assume it's more widespread than I thought.

Can anyone facilitate in helping me remove this Trojan or take appropriate action?
 

A:Windows Live Messenger Virus

Read other 11 answers
RELEVANCY SCORE 68

A few days ago, I got a message from a friend on Windows Live Messenger that said "is that u babe!??" This was from a person who was prone to saying stupid things like this and sending me links, so I didn't think much of it and stupidly clicked the link, which was something containing the words "facebook" and my email address used for MSN (I can post the full link if anyone asks, however until then I will refrain from doing so). It downloaded a very suspicious .exe file that my computer recognized as a .jpg. I scanned it with several virus scanners, none of which found anything, and I deleted it.
The next day, Windows Live Messenger was running in the background (I was playing Final Fantasy XI) and appeared to open and close itself without me signing out. Shortly after, I got a message from a friend saying my account sent her a virus, one of her active protection softwares caught it before it did her any harm.
After some research I found a few additional couple scanners (and this site) that people have used to get rid of previous windows live messenger viruses, but so far I have had no luck removing it. I have used AVG, SuperAntiSpyware (recommended for a previous virus), and a few others (a couple from TrendMicro)...I made MSN instant messenger stop loading on boot, and after rebooting, as my settings and programs loaded, Windows stopped a file named mstcm32.exe from executing, it asked me if I wanted to, and I clicked no, this has never happened be... Read more

Read other answers
RELEVANCY SCORE 68

My brother recently clicked on a file that someone sent to him in a message, now every time that i start up my windows live it does the same thing. Can someone please help me with what they know.
Thank You,
Jerry

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:34 PM, on 1/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.e... Read more

A:Need Help Windows Live Messenger Virus

Delete any existing version of ComboFix you have sitting on your desktop

Download ComboFix from Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results"
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re enable the protection again afterwards before connecting to the net
--------------------------------------------------------------------
2. Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running combofix.

WARNING: IF you have not already done so Combofix will disconnect your machine from the Internet when it starts
Please do not re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection when Combofix has completely finished then restart your computer to re... Read more

Read other 3 answers
RELEVANCY SCORE 68

Hi,

I just had a message from a contact saying something like

"Can I put this picture of you in my album"

There was a link which i clicked and downloaded a zip file, which i stupidly unzipped & run.
My PC seems ok at the moment, i have shut down MSN and am running a virus check.

Are there any fixes that I will need to install to clear this??

Cheers
 

A:Windows Live Messenger Virus !!!

Click here to download HJTsetup.exe.

Save HJTsetup.exe to your desktop.
Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

Note: During this process, it would help a great deal and be very much appreciated if you would refrain from installing any new software or hardware on this machine, unless absolutely necessary, until the clean up process is finished as it makes our job more tedious, with additional new files that may have to be researched, which is very time consuming.

Also, please do not run any security programs or fixes on your own as doing so may compromise what we will be doing. It is important that you wait for instructions.
 

Read other 1 answers
RELEVANCY SCORE 68

Hello guys, the last few days my inbox has received several emails that indicate undeliverable mail sent from my computer. I assume there are many more that are getting through to someone. The email contains two attachments. One is a file ATT00553.dat (219 bytes) (not the same series of numbers each time) and another file that says "longino calabrese wants to be your friend on Windows Live (2.66 KB)"

Can you help?

Thank you.
 

A:Windows live Messenger Virus

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:48:26 PM, on 10/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\Common\FSHDLL32.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe
C:\Program Files\Zune\ZuneBusEnum.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Analog Devices\Core\smax4p... Read more

Read other 1 answers
RELEVANCY SCORE 68

My son clicked on a link he thought a friend sent him while chatting. Now his Windows Live Messenger sends bad stuff to everyone online in his contacts list if he starts Windows Live Messenger.

I would be very greatful if I could get some help resolving this.

Best regards,
Tomas


Here's the DDS log:

DDS (Ver_09-01-19.01) - NTFSx86
Run by Per Andr?asson at 14:32:24.42 on 2009-01-31
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1024.617 [GMT 1:00]

AV: avast! antivirus 4.7.942 [VPS 000742-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\winIogon.exe
C:\WINDOWS\fxstaller.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\yqqhsl.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows... Read more

A:Windows Live Messenger - Virus

BUMP, please

Read other 10 answers
RELEVANCY SCORE 68

Hello everyone,

Be gentle as i am not very technical with computer jargon,
my problem is that whilst my daughter was on wlm with her friends a link appeared and she clicked on it opening a blank web page and then asking to run a program(dont know what it was) ,since then wlm closes her conversations and wont let her continue unless she logs out and back in again,it also seems it starts sending this link to other people in her contacts,i know this because i was trying to set up a web cam using my laptop and i recieved the link whilst she was on the pc,the link was foto foto-img.com/image.php followed by her email address. i have ran mcafee and spybot but both found nothing.
any help would be very much appreciated.

thanks
mintsauce
 

Read other answers
RELEVANCY SCORE 68

Hi everybody!
first of all, this is my first time around, so a nice welcome couldn't harm anyone...
anyhow, i'm pretty sure you've got this problem before, but i would like to resolve it if you have done so.
so, you know the story: i get this message with a zip file attachment saying "facebook.zip" and i downloaded it and virus scaned it with Kaspersky Anti-Virus and nothing wrong came up. i also scaned the file itself and nothing came up.
but then i opened it and it started spreading around my messenger and sending the same file to everybody and got my computer stuck several times (didn't need to reboot).
later on i've checked up with the web, and i've scanned it with ad-aware and with spybot.
i've deleted all of the threats, BUT NOTHING HELPS!!!

in short, please help me get this over with. even if i need to hijack it and all, i just want it removed.
please help me! i'm desperate!

ArmyMan007

Cuz you can't beat the best...

 

A:Windows Live Messenger pic virus

Read other 9 answers