Over 1 million tech questions and answers.

Windows Live Messenger Virus Problems

Q: Windows Live Messenger Virus Problems

I somehow got a virus/worm/thing related to my Windows Live account. Whenever I would log in, I would send a message with a link to all online contacts (the message being "HOT! HOT! www.isexsexsex.com" or something close to that). I would also spam any contacts of mine that came online while I was. I personally couldn't see the message going out, and I was not logged out of my account. I spent half a day trying to get rid of this dang thing before finally giving up. I first changed my password and security question, but that didn't work. Then I went and downloaded and updated every antivirus/antispyware program I could think of (Malwarebytes, Spybot S&D, Crap Cleaner, Glary Utilities, AVG). After everything was fully updated, I disconnected my computer from the internet and ran scans from all of the above mentioned programs. While the scans were going on, I went on to a completely different computer and changed my passwords to all my important web accounts, then changed my Windows Live account password and security question to a completely different password from the rest. After all the scans on the infected computer were completed and everything they found cleaned up, I uninstalled Windows Live completely, then installed it again fresh. I then reconnected to the internet, and tried signing into Windows Live. Same thing happened, I was still spamming people. I then proceeded to go and manually check all my running processes, and they were all legit and clean. At that point I just got fed up and uninstalled Windows Live again, and I haven't installed it since then. I'm told that the only thing left now to get rid of it is a reformat, but I really don't want to have to do that. Is there anything else I can do that I missed? Also, am I freaking out over nothing? I'm afraid that whatever this is that has infected my account can also collect passwords and other personal information from my computer.Forgot to mention, I'm running Windows XP Professional, and was using the latest version of Windows Live Messenger.

RELEVANCY SCORE 200
Preferred Solution: Windows Live Messenger Virus Problems

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Windows Live Messenger Virus Problems

Hi Legile Blade,Before thinking of a reformat, there are still a few steps that can be taken. I want to ask you to do two scans and post me the results. If you did scans with these programs already, please let me know. Did you update the programs you mention in your post you used to scan?Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.ATF-CLEANER------------------Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.For Technical Support, double-click the e-mail address located at the bottom of each menu.Please download SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.alternate download linkNote: The file will be randomly named (i.e. 5mkuvc4z.exe).. Do NOT run a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in Safe Mode.SUPERANTISPYWARE------------------------------Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.DR. WEB CUREIT----------------------Scan with Dr.Web CureIt as follows:Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.Please be patient as this scan could take a long time to complete.When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.Click Select All, then choose Cure > Move incurable.In the top menu, click file and choose save report list.Save the DrWeb.csv report to your desktop.Exit Dr.Web Cureit when done.Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Read other 1 answers
RELEVANCY SCORE 74

Hi, I stupidly clicked on one of the link a friend sent me through msn.
The link derected me to this website and asked me to log in, since then my messenger logs off on its own with a notice saying that i've loged off to another device and sent ppl in my contact list this link: hxxp://thatzz.awesomeofferz.com

i've tried to scan the my computer with AVG-free and it did not help at all. Also try one of the software msn virus removal, and the software couldnt find any malfunction.

Could someone help me please.... Many many thanks

Here's the DDS.txt log:

DDS (Ver_09-01-07.01) - NTFSx86
Run by Cindy at 7:21:59.09 on 12/01/2009
Internet Explorer: 7.0.6001.18000
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.65.1033.18.3068.1761 [GMT -8:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\WLANExt.exe
C:\Wi... Read more

Read other answers
RELEVANCY SCORE 68

Hey there!

I've been having problems with WLM 9.0 (14.0.8064.0206, 14.0.8050.1202). WLM Keeps popping up from the taskbarn everytime I minimize Firefox. When I minimize other windows or applications, WLM keeps it's position in the taskbar like it should.

So there's some kind of problem between WLM and Firefox, but what the problem is, I dont know.

Any thoughts?

A:Problems with Windows Live Messenger 9.0.

Hi,

I have W7 beta 7000, WLM9 and FF latest version and have not noticed this behaviour. Which W7 beta do you use?

Read other 6 answers
RELEVANCY SCORE 68

I cannot see the bar on my windows live messenger Version 9 that tells me who I am talking to in my tabbed chats! It is realy annoying me because I can only talk to one person at a time! What can I do!

A:Windows Live Messenger Problems!

uninstall and reinstall new copy

Read other 1 answers
RELEVANCY SCORE 68

Hi guys, hoping you will be able to help me out with my Windows Live Messenger, Microsoft forced all users to update to this new version, great, well not really for a lot of people, like me :S, I am now receiving error 80040154, I have tried EVERYTHING that I can find to try and fix it with no luck. Internet connection is fine, firewall is set up correct, and so is everything else, I can't find where this error is and nor can I fix it, all help would be appreciated.

Thanks in advance, Jake.
 

A:Windows Live Messenger Problems

Read other 8 answers
RELEVANCY SCORE 68

I am having problems with Windows Live Messenger, I have windows Vista, could this be the problem? When I try to sign in, the message either says that my "IP Address is not correct" or that WLM is temporarily unavailable. I have uninstalled, and installed a couple of times, nothing is working. I have tried everything that the messenger help service advises.....NOTHING IS WORKING!!
Can anyone help with what to do.....or is there another messenger service I could use instead?
 

Read other answers
RELEVANCY SCORE 68

Hey guys, I'm really stuck.

I've just downloaded Windows Live Messenger and I can't get it to sign me in.
Every time I click the Sign In button, it pauses for a few seconds and then a box comes up saying:

"Signing in to Windows Live Messenger failed because the service it temporarily unavailable. Error code: 800401f3".

I've been trying to sort out the connections but I have no idea what I'm doing, any help would be muchly appreciated.

Cheers.

 

A:Windows Live Messenger problems

click on the drop down bar and go to tools---->options then select the network tab and try the connection tests and such. Also try advanced connection and let me whats in there if anything.
 

Read other 2 answers
RELEVANCY SCORE 68

The program is not sending the mails.

A:Problems with Windows Live Messenger

Hello,

Is it possible a firewall is blocking it? Try disabling any anti-virus/firewalls you might have.

You can also try removing the program and reinstalling.

Read other 5 answers
RELEVANCY SCORE 68

Okay, so a few days ago I updated my Windows Essentials and it updated my messenger to 2011. I did not like that version, so I uninstalled it from my laptop. Then I installed an the old version I liked, (or I think I did.)
Anyways, the problem is with my cam.
As you can see, it says "Start or stop a video call" It did not say that before. It used to say " Invite contact to send cam" or " Send your cam". Now it only says "Start or stop video call"
Does anyone know how to fix this and make back to what it said before? I really need it back to that way. Or is there a version of messenger that has it that way? All help is appreciated. Thank you very much.

A:Windows Live Messenger problems

Well, an update, I asked some friends and this is what happened.

This one can see the old version options.
But this friend says that "start or stop video call" is given to him for all his contacts.
But at the same time, this friend said that the option "start or stop video call" is only given to me. To the rest of her contact list, its a normal "send cam" or "start or stop contact's cam"
Is there any way to configure my settings on messenger to show the option "send my cam" or "start or stop contact's cam" instead of "start or stop video call" ??
I would really really appreciate any help on this. Please. All ideas are welcome. I really need the help. PLEASE.

Read other 1 answers
RELEVANCY SCORE 68

Hi, I have being getting the error since this afternoon now
i have also search tru and read tru many website regarding the error 81000306

Well the Windows Live Messenger works fine earlier this morning while during the noon, me and my housemate changed the ISP since we have being using our friend's internet
And since we have our own ISP now, we switched the router and start using the internet
All works fine accept i cannot access into windows live messenger.
the thing says that It is not connect to .Net Messenger Services.

Runned all the rgsrv32 dll files, cleared the Socks, Flushed the DNS but none ever work.

It is still the same router tho Linksys that the MSN actually work before the switch of ISP
so either there's something wrong with the ISP or there's something that i need to configure.

Any Ideas where i Should start and do?
Thanks in Advances, much is appreciated and if you live in Asia, i'll buy you some beer.

[edit] i'd just noticed that i cant actualyl access into my hotmail accounts nor can i actualyl post anything at certain forum nor does certain microsoft website works, such as entries of windows and stuff

it would only show blank page after i post or login which basically i got nothing

wait maybe it work from which the problem may lies to the internet making most of the page load into blanks
 

A:Problems for Windows Live Messenger

Several current threads on TechSpot about this issue. Please search for information that will help you. If you do not find it from existing threads, please advise.

EDIT: Here's one: http://www.techspot.com/vb/topic125191.html
 

Read other 2 answers
RELEVANCY SCORE 68

I downloaded the newer version of windows live messenger, I had to update it because I could not log in. After updating to the 2009 version I signed in and I lost all of my contacts they are all missing . I then up graded by IE to IE8 thinking this was the problem. Well it didn't work. I checked all of my options out and they were what the shoud be. I went to the connections part of the program and noticed that there was and error in my connection I refreshed it and it is still there. I can't use the diagnose connection problems because I don't have access to it. I have removed the program and then reinstalled it and still nothing. I can't send out invitations to invite my old contacts. One of them sent me an IM and the program froze up my cursor had the hour glass beside it and stayed that way for a long time. I then exited the program and it said it was not responding. Can anyone help me. I am running Windows XP. Thanks in advance,
Computernut

Read other answers
RELEVANCY SCORE 68

Ok, does this happen to anyone else?
You go to bed, things are working fine, but wake up and it is screwed up?
The midnite gremlins always seem to play havoc with me!
Now when I login to windows live messenger, I get the "so and so wants to add you to their list" box for anyone and everyone who has ever been on my list or in my contact list. I am talking a hundred or more of these boxes I have to manually cancel!

This happened at work, but my home computer was ok.
Now it does it at home, but my new work computer doesn't do it

What is up with messenger?

If you say uninstall and reinstall, how does one save all the custom emoticons? And I did this at my first work computer and it made no difference! You would think that your profile and setup would be the same on any computer but with this it isn't, why not?

Anyone got an idea??????

[email protected] me if u want

Also, does xp have a fix or repair section where it will diagnosis itself and little things will be repaired-such as selective password rememberance, IE7 stuff?

Read other answers
RELEVANCY SCORE 68

Ok, so I recently had my ISP changed, and all of a sudden I couldn't get webcams to work on windows live messenger. No one's cams worked, not mine, not my friends, no one.
I called my ISP and they said it wasn't them, I reinstalled messenger, I've had no luck.
I can still make video calls but they're slow and pixelated.
What can I do?????
 

A:Windows Live Messenger Cam Problems

check internet speed what was you on before changing?

http://www.speedtest.net/
 

Read other 1 answers
RELEVANCY SCORE 68

Hello,

When I try to Log in to my MSN IM, it just freezes and stays frozen till I restart my computer and then it freezes again. I try to you Ctrl+Alt+Del, but it won't load it. Thanks

Corey
 

Read other answers
RELEVANCY SCORE 68

Hi, new here. Sorry if this is the wrong forum, please move to appropriate one, thanks. :)

Basically I'm on Windows Vista 64-bit, loads of problems with Windows Live. I've always been using old msn, but I accidently now can't go back to it. So I've been struggling for hours trying to sort this, unless I'm doing something wrong, possibly.

Anywho the error is I sign in and straight away (1-5 secs) I get 'Windows Live Messenger has stopped working'. After which the program closes.

After all the trouble and errors I can't get past this one, I'll be honest it is REALLY infuriating me at the moment.

Before hand I used to get an error that it couldn't log in and that there may have been something wrong with servers, or something. I ended the process of the Nvidia Network Access Controller to solve that, but I get this new error now.

Help, anyone?

Thanks in advance.

Sho

A:Windows Live messenger problems.

Hi -

Do you have an Internet Security package installed - Norton NIS, N360; Kaspersky, McAfee, etc...?

jcgriff2

.

Read other 3 answers
RELEVANCY SCORE 68

Hi there. had some trouble with WLM, couldn't get signed in. that was resolved (thanks!) but I am having a new problem. I cannot connect to a contact with a gmail address. I added her, and she shows up in my contact list but only appears as offline. We were both on line, but she showed as offline. then it suddenly changed to Mobile, but I could still not connect and chat with her. Other contacts popped up as available and I could chat with them. Is it the gmail that is the problem?

any suggestions?
 

A:Windows live messenger problems

is she signing using a Google Talk or using MSN?? i dont know if it is possible to chat to Gmail users thru Google Talk.
The only way is if she registers her email with .NET Passport and signs in using WLM. did she do that already?
 

Read other 2 answers
RELEVANCY SCORE 68

With or without running Kaspersky antivirus trial i cannot access from my windows live messenger my hotmail account. It says something about java not installed or blocked.

I downloaded / updated Java from the Sun site and the old JSE enviroment like it says on your site was deleted . Now Messenger went haywire.

Please help!

first post original logs and problems with "My Computer":

http://www.techsupportforum.com/secu...-high-cpu.html

Thanks!

A:Windows Live Messenger Problems

Please be patient and wait for replies to your first HJT help thread - and do not create new threads to get attention.

Read other 1 answers
RELEVANCY SCORE 68

Hi all, Im hoping someone can help with the new windows live messenger which I have downloaded recently. I cant seem to access some of the content and am being given an error message of " your current security settings prohibit running ActiveX controls on this page. As a result, the page may not display correctly."

I have searched my security settings in IE and Mozilla firefox but it doesnt seem to make any difference.

Any help would be appreciated.......
 

A:windows live messenger problems

A few questions:

1) do you have any firewalls running? Some firewalls can be configured to block ActiveX content, as it a known route of infection.

2) Have you tried uninstalling, downloading a fresh copy, rebooting, and then re-installing. Sometimes this clears up "weird problems" with software.

This will help me and the rest of us see if we can't figure out the source of the problem.
 

Read other 1 answers
RELEVANCY SCORE 68

Hi, I have been having a problem with my computer.

I accidentally opened a file from a friend that I believe was a compressed zip file and it said that I was gonna open some picture of some sort.

As it is, I opened it and it happened to be a virus and now it continuously sends it to everyone on my messenger contact list.

I looked at some of the other threads on this website and tried some of the methods but nothing seemed to work, so I decided to add my problem personally.

I am with Windows XP, and I have the Windows Live Onecare virus program.
I should also add that when i did a virus scan, it showed up that the unwanted software "Backdoor:Win32/Sdbot.gen!A" was quarantined, however, the problems i am experiencing are not stoping.

Please help me....
 

A:Windows live messenger virus!!!

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

Read other 1 answers
RELEVANCY SCORE 68

my contacts within live messenger receive a message from me directing them to a web link ( haha see your photos on myspace etc)
Here is my hjt log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:16, on 07/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Nuance\PDF Professional 5\PdfPro5Hook.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\TomTom HOME 2\TomTomHOME... Read more

Read other answers
RELEVANCY SCORE 68

Hi I've just found this site and am desperate for some help. I looked at another thread and it was similar. Basically got a line in msn from someone and it said something about a pic, and there was a file attached (image25). I tried to open it, but it wouldn't, so I found a way to unblock it (stupid me!!!) even though i was feeling a little suspicious, I still did it. So when I did unzip the file and tried to open pic, nothing happened... well i thought nothing until the screen would start blinking and my online contacts would pop up for a second and it would send them a line about a pic... but no file. maybe cos i deleted the file. but it still is extremely annoying sending out messages and then freezing on me - i cant do anything with msn once it happens. i've downloaded the msncleaner 1.4.1 and deleted the files. here's the report.
- Logfile MSNCleaner 1.4.1 by www.forospyware.com
- Created Logfile: 10/1/2007 on 10:06:47 PM
- Operative System: Windows XP
- Boot mode: Safe mode
_________________________________________

Detected files: 6
Deleted file: 6
Undeleted Files: 0

C:\Documents and Settings\winxp\Local Settings\Temp\image08.zip <--- Deleted
C:\Documents and Settings\winxp\Local Settings\Temp\image09.zip <--- Deleted
C:\Documents and Settings\winxp\Local Settings\Temp\image25.zip <--- Deleted
C:\Documents and Settings\winxp\Local Settings\Temp\image41.zip <--- Deleted
C:\Documents and Settings\winxp\Local Settings\Temp\image50.zip &l... Read more

A:Windows Live Messenger - virus please help!

Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Click Exit on the Main menu to close the program.

Download and scan with SUPERAntiSpyware Free for Home Users
Double-click SUPERAntiSpyware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
Under "Configuration and P... Read more

Read other 1 answers
RELEVANCY SCORE 68

Hi you all. I've been downloading some things yesterday and now other people in my msn list have told me, that I've got a Windows Live Messenger Virus. It sends things to other people in my contact list like this:

www. PhotoShotz. com

HAHAHA!

But then a little bit different ofcourse. Now I've got some questions.

1. I've scanned my whole computer, including USB stick and other attached hardware. I've scanned with AVG 8.5 Free and with the Trial Version of Kaspersky (newest version). But they both haven't noticed the virus. Why?

2. Are AVG 8.5 Free and Kaspersky Trial Version enough to keep viruses away?

3. Well now, how can I delete the virus? I have no idea how to delete Windows Live Messenger, because it isn't in my 'Software' list. Or is it called 'Windows Live Essentials?' Is that WLM?

I've got some more questions, but I guess this is enough for now. THANKS ALOT, IN ADVANCE!
 

Read other answers
RELEVANCY SCORE 68

My son clicked on a link he thought a friend sent him while chatting. Now his Windows Live Messenger sends bad stuff to everyone online in his contacts list if he starts Windows Live Messenger.

I would be very greatful if I could get some help resolving this.

Best regards,
Tomas


Here's the DDS log:

DDS (Ver_09-01-19.01) - NTFSx86
Run by Per Andr?asson at 14:32:24.42 on 2009-01-31
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1024.617 [GMT 1:00]

AV: avast! antivirus 4.7.942 [VPS 000742-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\winIogon.exe
C:\WINDOWS\fxstaller.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\yqqhsl.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows... Read more

A:Windows Live Messenger - Virus

BUMP, please

Read other 10 answers
RELEVANCY SCORE 68

Last night, I was chatting to my friend on WLM, when she 'sent' me a message saying

"hey is it ok if i put these pics of you on my profile"

and it was accompanied by an 11kb file, which was called "Image11.zip"

I was foolish enough to accept, extract and run the file inside the .zip.

Now, I can't figure out how to get rid of it.

I've run Ad-Aware and AVG. AVG picked up nothing, Ad-Aware picked up somethings but its still there.

It makes all my contacts pop up on the screen for a second and then go away, so I think it's trying to send the virus to them too.

Does anyone know what to do?

I need help!!!

PLEASE!!
 

A:Windows Live Messenger virus

Hi and welcome

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

Read other 1 answers
RELEVANCY SCORE 68

Hi, I keep getting messages on Windows Live Messenger supposedly from people on my contact list that say stuff about them trying acai berries to help lose weight and they think I should try them. Weird messages like that, and it will give a link to a website that says I should click on for more information. I've never clicked on the links and my friend said she never sent those messages to me. Is this a virus or something? And how to I make it stop? Thanks for your help!

A:Windows Live Messenger virus?

Hello, the first thin we should do is run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be... Read more

Read other 1 answers
RELEVANCY SCORE 68

hey there...
i got infected with this virus on WLM.. I got a link from a friend (while talking with him):
http://lmageshack.org/img/imgzwo.jpg

since then my WLM keeps sending these links to my contacts in middle of conversations like crazy...

my NOD didn't find anything..

pls help me.. i'll be so greatful!!
tnx
 

A:windows live messenger virus :[

i don't want to be annoying, but pls help me! I cant get read of the virus, and cant even do a system restore... pleaseeee help :[
 

Read other 1 answers
RELEVANCY SCORE 68

my friend received an IM from someone on her contact list with the msg that went something like.

hey is this your display pic...... (a link was here with her email add)

and she went to click it, on my laptop. -___- so now whenever i use messenger for a few mins, a conversation window opens and flickers in and out. and then my messenger hangs.

arghh it's seriously getting on my last nerve, i have a ton of assignments due and msn is the only way my team members and i can send each other files.

A:Windows Messenger Live Virus

Hello and welcome. Lets start with what is your OS (XP)?What Antivirus and spyware tools do you haveon hand.Have you run a scan from Safe Mode?How to start Windows in Safe Mode

Read other 7 answers
RELEVANCY SCORE 68

I think this virus was brought on a year ago or so. I log into my messenger, talk to my contacts, and then sooner or later, messages are being automatically sent to them. Then I cant even talk to them, and have to log out/sign back in to talk to them. They tell me that I sent them a picture or sumthin and that it contained a virus. I don't know how to fix this. Please help.
 

A:Windows Live Messenger Virus

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:50 AM, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Icons\SetIcon.exe
C:\WINDOWS\system32\mdesvc.exe... Read more

Read other 1 answers
RELEVANCY SCORE 68

Hello all,

I received a virus through Windows Live Messenger through one of my contacts that said: "jesus this picture really looks like you." and the conversation window had a file for download. Foolishly I downloaded the file and now not only do I have the virus, but my Messenger is sending out messages just like the one I opened. I am copying a log file from HJT. I hope this is the right thing to copy. Adaware, Spyware Doctor, and Norton Antivirus cant catch this thing. I appreciate any help on removing it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:39:36 PM, on 12/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program... Read more

A:Windows Live Messenger Virus

Hello r.d.j.,

Welcome to TSG. Malware is showing there, so let's start some repairs now.

Be sure to temporarily disable any protective software when running the scan tools we use here. Very important. You will want to make a copy or have other access to these steps as they will be done without net access.

Open HijackThis, and choose None of the above, just start the program. Click Config Misc Tools Open process manager. From the list, click each of the following if it is present, and Kill Process. Close HijackThis.

C:\WINDOWS\system32\gwqx.exe
Download SDFix.exe and save it to your desktop.

Download ComboFix.exe from here to your desktop.

Now disable your net connection, and if dsl/cable physically disconnect the cable from the machine, if dial-up, the phone line.
===================================================
Reboot into Safe Mode (at startup tap the F8 key and select Safe Mode).
In Safe Mode, click the SDFix.exe and allow it to extract to it's own folder (C:\SDFix). Navigate to that folder and double click RunThis.bat to start the script.

Next type Y to begin the script. Once the fix has run it will prompt you to restart your computer. Press any key to restart at this time. Your system will take longer that normal to restart as the fixtool will be running and removing files.

When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.

Then open the C... Read more

Read other 1 answers
RELEVANCY SCORE 68

Hi
Yesterday I recieved a message from a friend with a link about something to do with a photo of me, it had my email address in the link and as it came from a good friend, I stupidly clicked on it.
Ever since it has sent the same message to all my friends on messenger, and it has caused messenger to close down all the time and flicker conversation windows on and off all the time!
Im not very computer literate, (i know the basics) so I would really appreciate some help on this!
I ran my windows system scan, and it didnt seem to find anything, yet I suspect after reading other threads it is somehow still on my computer!
Any help would be gratefully appreciated, im starting to panic now!
Kind Regards!
 

Read other answers
RELEVANCY SCORE 68

Hi guys i have a link virus in my windowa live messenger account. It keeps disconnecting me from msn saying my computer is being used in another location, it adds porno images to my display picture and it keeps sending links to my contacts like: watch my cam at http://www.reddit.com/xxxxx

tried

msn virus remover
spybot search & destroy (safe mode without network)
super anti spyware (safe mode without network)
malware bytes (safe mode without network)
it looks like as if a bot took over of my account. how can i remove this annoying virus?

any help would be appreciated

thanks in advance

Read other answers
RELEVANCY SCORE 68

Hi, i was in a chat box yesterday and my friend said "hey look at my photo album" and i extracted the file, only to find out its a virius

my norton antivirius doesnt read it being on the pc but i know its there because it keeps making my wlm crash and sends the message to all my online contacts

can you help please?
 

Read other answers
RELEVANCY SCORE 68

A few days ago, I got a message from a friend on Windows Live Messenger that said "is that u babe!??" This was from a person who was prone to saying stupid things like this and sending me links, so I didn't think much of it and stupidly clicked the link, which was something containing the words "facebook" and my email address used for MSN (I can post the full link if anyone asks, however until then I will refrain from doing so). It downloaded a very suspicious .exe file that my computer recognized as a .jpg. I scanned it with several virus scanners, none of which found anything, and I deleted it.
The next day, Windows Live Messenger was running in the background (I was playing Final Fantasy XI) and appeared to open and close itself without me signing out. Shortly after, I got a message from a friend saying my account sent her a virus, one of her active protection softwares caught it before it did her any harm.
After some research I found a few additional couple scanners (and this site) that people have used to get rid of previous windows live messenger viruses, but so far I have had no luck removing it. I have used AVG, SuperAntiSpyware (recommended for a previous virus), and a few others (a couple from TrendMicro)...I made MSN instant messenger stop loading on boot, and after rebooting, as my settings and programs loaded, Windows stopped a file named mstcm32.exe from executing, it asked me if I wanted to, and I clicked no, this has never happened be... Read more

Read other answers
RELEVANCY SCORE 68

Hello,

I also stupidly clicked on the link sent to me by a friend and now I'm sending the same message to my contacts as well. I tried to look at the solutions offered to other people but I'm not sure if the same will apply to me, so here is my hijack-this log and also the combofix log. I have tried scanning with F-prot antivirus, spybot, and ad-aware (all defintions have been updated) and nothing has helped. I tried to uninstall and reinstall messenger, and now, several of my contacts have just blocked me so I'm sure that I still have a problem. Also, I'm using Windows XP, thank you in advance.

ComboFix 07-12-02.7 - njanevsk 2007-12-03 13:38:56.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.203 [GMT -5:00]
Running from: C:\Documents and Settings\njanevsk\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-03 to 2007-12-03 )))))))))))))))))))))))))))))))
.

2007-12-03 13:24 . 2007-12-03 13:29 <DIR> d-------- C:\Program Files\Windows Live
2007-11-30 16:06 . 2007-11-30 16:06 <DIR> d-------- C:\Documents and Settings\njanevsk\Application Data\Lavasoft
2007-11-30 16:05 . 2007-11-30 16:05 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-30 11:45 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-30 11:45 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-30 11:45 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS... Read more

A:Another Windows Live Messenger Virus

Read other 16 answers
RELEVANCY SCORE 68

I don't know what it is and I've been meaning to do something about it.

It usually sends it when I'm not online with a message that is rather vague in description and contains a link. The link takes the person to a page asking for the log on info.

There's also one that advertises some sort of drug that is either for weightloss or male enhancement (I haven't figured that one out, yet).

I'm tired of this and it has caused me to block one person, and be blocked by my mother of all people.

A:Windows Live Messenger Virus?

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The... Read more

Read other 4 answers
RELEVANCY SCORE 68

I was having a conversation with a friend of mine when a IM came up from (what i though was) her, and it said something like "Is this picture of you? <link>" not knowing it was a virus, i clicked it, and seemed to spread to several people through me. I tried uninstalling, then re-installing messenger, but gave the same results.
Anyways, here's the Log...

Logfile of HijackThis v1.99.1
Scan saved at 4:15:50 PM, on 3/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\lxdjcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\System32\PAStiSvc.ex... Read more

Read other answers
RELEVANCY SCORE 68

Hi,

People on my windows live messenger contact list have been complaining that the y have been getting messages from me displaying links to sites such as freeoffersforyou dotcom. I havent sent these messages and i think i have some sort of virus because when it does it, it allso logs me out of messenger. It also send this message to people in my contact list when I'm offline. I have enclosed the log from the panda scan and the hijack this log. Any help will be greatly appreciated

Cheers
Macca

ActiveScan.txt

Incident Status Location

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Spyware/Vundo Not disinfected C:\Program Files\TrojanHunter 4.7\Quarantine\5R526e.dat
Virus:Trj/Downloader.OZB Disinfected C:\Program Files\TrojanHunter 4.7\Quarantine\9Kv8Tz.dat
Virus:Trj/Downloader.OZ... Read more

A:Windows Live Messenger Virus

Read other 14 answers
RELEVANCY SCORE 68

I dont think I need to tell you what happened, as most likely you have already heard about this thing. Below is my Hijack this log, if there is anyone at all who can help I would really really appreciate it. I really do not want to re-build my PC, so this is my last hope. Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:26 AM, on 1/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\lotus\notes\nslsvice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\lotus\notes\ntmulti.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\ssisvr32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\logon.scr
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Lotus\Notes\NLNOTES.EXE
C:\Lotus\Notes\ntaskldr.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Searc... Read more

Read other answers
RELEVANCY SCORE 68

So it was a normal night, and one of my contacts gave me a random message. He then sent me more and more of the same message. The message was:

So i thought it was some pic, and out of curiosity clicked on it. Then there was nothing but a blank page and a message that said "Do you wish to download this file?" (I was using Google Chrome), so I clicked yes. And then some random .exe file opened up and noth ing really happened after that.

Now, when I go on msn, i automatically spam all my contacts with the "is this you?? thing. My friend said it was a bot virus and he cant stop it himself. Now, i spam people without noticing it, my computer is much slower than usual, and when I play games or full-screen applications, it just automatically minimizes every 5 seconds.

Please Help!!!
 

Read other answers
RELEVANCY SCORE 68

Hi =]
I've messed up my Windows Live Messenger. I got a link from a contact saying something about a photo, and even though i knew not to click it, i did. Curiosity killed the cat. I can't remember the name of the file that came up, but i'm pretty sure it was an MSDOS application.
After i clicked it, it sent the same link to my online contacts, and i uninstalled WLM, thinking that'd fix it. Restarted my system, and downloaded it again, but it won't install. I get the error:

"There was a problem with this installation. Windows Live Suite was not installed.

System error details
Code: 0x80070643
Description: Fatal error during installation"

I downloaded WLM from the official site and i can't find anywhere else to download it from.

Please help, this is driving me mad (even though it's my own fault =[ )
Thank you!
 

A:Windows Live Messenger Virus

I ran HJT and this is what i got. I thought i'd just add as well that since i've done this, my desktop icons and start bar often dissapear, and i've had a lot more popups; most for antivirus things, but also for banks and other things.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:21, on 28/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Fil... Read more

Read other 2 answers
RELEVANCY SCORE 68

Hi,

I just had a message from a contact saying something like

"Can I put this picture of you in my album"

There was a link which i clicked and downloaded a zip file, which i stupidly unzipped & run.
My PC seems ok at the moment, i have shut down MSN and am running a virus check.

Are there any fixes that I will need to install to clear this??

Cheers
 

A:Windows Live Messenger Virus !!!

Click here to download HJTsetup.exe.

Save HJTsetup.exe to your desktop.
Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

Note: During this process, it would help a great deal and be very much appreciated if you would refrain from installing any new software or hardware on this machine, unless absolutely necessary, until the clean up process is finished as it makes our job more tedious, with additional new files that may have to be researched, which is very time consuming.

Also, please do not run any security programs or fixes on your own as doing so may compromise what we will be doing. It is important that you wait for instructions.
 

Read other 1 answers
RELEVANCY SCORE 68

Hello,

The name is Michael and I'm here because I'm having trouble with Windows live messenger. I'm actually working on a friend's computer right now; I received a familiar message saying, "hey look at this pic!!" or something like that from her computer, and so I've let her know that shes got a virus. I have her computer for a few days to try to help her out.

Anyway, I've followed the above instructions and here are the files from DSS:

Deckard's System Scanner v20071014.68
Run by Queen layla on 2008-04-10 17:08:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
19: 2008-04-11 02:36:52 UTC - RP246 - Installed SUPERAntiSpyware Free Edition
18: 2008-04-10 19:42:02 UTC - RP245 - Windows Update
17: 2008-04-10 19:22:09 UTC - RP244 - Windows Update
16: 2008-04-09 08:20:01 UTC - RP243 - Scheduled Checkpoint
15: 2008-04-07 19:52:05 UTC - RP242 - Windows Update


-- First Restore Point --
1: 2008-03-13 13:01:20 UTC - RP228 - Windows Update


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 958 MiB (1024 MiB recommended).


-- HijackThis (run as Queen layla.exe) -----------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-10 17:13:53... Read more

A:Windows Live Messenger virus

Biddy biddy Bump bump please.

Read other 4 answers
RELEVANCY SCORE 68

I recently accepted a zip file from a friend named 'photo album'. I extracted it and ran the file inside it. Very dumb i know.

Know I have some type of virus on my computer.

When in action it opens and closes WLM windows repetitively (presumably sending the virus in the same way as I received it). Alas, it's happened to quite a few people independent of the apparent chain I'd got myself into, so I assume it's more widespread than I thought.

Can anyone facilitate in helping me remove this Trojan or take appropriate action please?
 

Read other answers
RELEVANCY SCORE 68

Hey, I got the same imagexx.zip virus trojan thing that other people on this forum have been getting. My hijackthis log is below.

-------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:04:41 PM, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvbsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\... Read more

Read other answers
RELEVANCY SCORE 68

Hi,

About 2 weeks ago my entire contact list from Windows Live Messenger disappeared. After trying a lot of different things, I found an easy solution. Somehow all my contacts had been moved to my block list, so I moved them to the allow list and the problem was fixed.

Yesterday, I signed into Windows Live Messenger, and suddenly my contact list disappeared. All my contacts were already on my allow list, so I don't know how to fix this problem. Now I'm constantly getting emails to my hotmail address- from [email protected] with the subject line- Delivery Status Notification (Failure).

It looks to me as though it's some sort of virus/spyware and AdAware, Spybot Search and Destroy and AVG Anti-Spyware have picked up a little bit of spyware, but nothing has fixed my Windows Live Messenger contact list disappeared problem.

Does anyone know how to fix this? I would really appreciate a fix without needing to reinstall messenger and adding all my contacts from scratch.

Thanks in advance everyone!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:32 PM, on 20/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\... Read more

Read other answers
RELEVANCY SCORE 68

Hi,

People on my windows live messenger contact list have been complaining that the y have been getting messages from me displaying links to sites such freeoffersforyou dotcom. I havent sent these messages and i think i have some sort of virus because when it does it, it allso logs me out of messenger. I have enclosed the log from the panda scan and the hijack this log. Any help will be greatly appreciated

Cheers
Macca

ActiveScan.txt

Incident Status Location

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][1].txt
Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Home Laptop\Cookies\home [email protected][2].txt ... Read more

A:windows live messenger virus

Hi Macca18112002 and welcome to TSF.

Sorry for the delay in looking into your log, as we are extremely busy as you may have noticed. If you still require assistance, then please carry out my instructions.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.
What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
chec... Read more

Read other 9 answers