Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Through Aim Link


  • Please log in to reply
2 replies to this topic

#1 thestraw

thestraw

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 01 March 2006 - 03:43 AM

I got this in an IM from a friend the other day:
should i put these pictures of us on myspace or facebook?

silly me clicked the link, because I thought my friend really did have pictures of us.. well it started to download something, which i thought was weird because i use photobucket, and i know they dont download anything.. anyways, i didnt think anything of it.. that was 2 or 3 days ago, and then last night (tues nite) something took over my AIM.. it started sending IMs, but i didnt see what the message was.. for some reason I was getting ims back of my friend's away messages.
I had no idea what was going on, until I got a txt sent to my cell phone (on AIM you can add cell phone numbers, and I put mine on my buddy list) with the message I posted above.

I ran adaware, spybot search and destroy, house call and PC-cillan antivirus (thats the program I use), and no viruses were found, but a whole bunch of other stuff was found and deleted.. not sure if it was adaware, malware or anyother type of ware.

My question is.. how do I know if my system really is clean, or if its just a virus that isnt known by my program.

Thank you in advance for any help, I really do appreciate it

Removed hot link - Grinler

Edited by Grinler, 01 March 2006 - 10:25 AM.


BC AdBot (Login to Remove)

 


#2 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:11:22 AM

Posted 01 March 2006 - 09:19 AM

Well, it sounds like your friend is infected with something that sends out instant messages to his buddy list, and then you clicked on the link and got infected as well, as it sent itself out to everyone in your buddy list. At least that is my best guess.

For help with removing your infection I would like to refer you to the Highjack This (HJT) forum here at BleepingComputer.com:

First: Read the Preparation Guide found HERE. It is very important that you follow ALL of the instructions found within. (There are many important steps in this guide that may clean your computer.)

Second: Post your system information along with a brief description of the problems you are having, and your HJT log in the HJT forum found HERE.

NOTE: Please, after you post your HJT log DO NOT make another post in the HJT forum until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post there will be 1 reply. The team member glancing over the replies might think someone is already helping you out and will not respond. So, just make your post and let it sit there until a team member responds. The volunteers who work that forum are very busy, so please be patient and wait for a response. It can sometimes take a few days.

Third: If, after finishing your work with the folks at the HJT forum you have issues with XP related to the removal of the infection, then come back in here and let us help you get your computer back to normal.

You are in good hands! Good luck!

Edited by Albert Frankenstein, 01 March 2006 - 09:19 AM.

ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!


#3 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:10:22 AM

Posted 01 March 2006 - 10:41 AM

Sounds like a trojan.

Your friend probably had it and that's why it got sent to you, as your computer is sending it to everyone in your IM list and possibly your address book.

You should immediately notify everyone on your "buddies" list and everyone in your email address book not to open any attachments sent from your computer.

What firewall are you using?

If it is the one that comes with Windows XP it will not prevent any application on your computer from sending malicious files out.

Download the freeware firewall Zonealarm, and after you configure it disable the Windows firewall. At least you will be able to stop the trojan from sending itself out of your computer.
http://www.zonelabs.com/store/content/cata...g=en&lid=nav_za

Try the following web based anti-trojan scans if you can:

online trojan scans here -
http://scan.sygatetech.com/pretrojanscan.html


Windows Security Trojanscan
http://windowsecurity.com/trojanscan
See instructions for it here:
http://www.windowsecurity.com/trojanscan/trojanscan.asp

Edited by Enthusiast, 01 March 2006 - 10:48 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users