Newgrounds.com — Everything, By Everyone.

I've got a trojan which activates while i'm in MSN!
It spams messages to all my online contacts on it, i got it by recieving a file from a contact, but what i didn't know was that it's an automated message which goes:

lol check:P
(Link to a PIF file)

I clicked it, and then it spammed it to all online contacts!
The worst is that whenever i go into MSN, this virus activates!

Please help me! Atleast SOMEONE must have encountered this before!

GET OF MY INTERNETS AND TAKE J0R AIDS WITH J0!! >:(

But srsly, dont touch anything.

Yes, it did. I had the same thing. My contact was saying: "lol check :P (Some weird link)".

I suggest running Hitman Pro would solve it. It spreads real quick, since you're getting it from another contact, and once clicked it already installs a .bat file on your computer.

Perhaps it was JesusCyborg! ;)

At 9/22/06 10:57 AM, EccinNET wrote:

Perhaps it was JesusCyborg! ;)

Perhapds ;P

At 9/22/06 10:57 AM, EccinNET wrote: Perhaps it was JesusCyborg! ;)

Probably was :P Don't worry, I'll egg his house for ya :x

LOLOL i be gotting one of thems viruses in t3h past...
I just got the files I wanted onto my external HDD and formatted C:.. Simple.

Menz- it's easy relleh, BATCH files are really basic but powerful-
If it's starting everytime you turn you're comp on (which it undoubtedly will be) then all you need to do is check the following-
1. Check the easy way:
-Alt, Ctrl, Del: Click processes Tab>Click CPU sort>Scroll to the bottom and look for a wierd app. that takes up a bit of CPU>Only if you're sure, select it and click end proc. This should work >.<

-Start>All progs>Startup>*.bat
Then check for the BATCH file, delete it and restart you're comp and see how it goes.

-If that didn't work and it still happens OR it wasnt in there, then you need to check you're registry. I'd guess that if the guy that made the virus had as much mental cap. as a fish, then he would at least disable such things as reg editing. SO! Do this:
Start>Run...>Then type in- Regedit
If you've never checked a reg before then you will be stumped, it's just like a windows explorer except more precise and confusing.
SO! On the left hand pane, navigate to the following file (key):
-HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run
OR! If you're using some other OS than XP, it might be RunOnce on the end instead.

-Now, this should be all the applications that run when you start up your computer
Note: Be VERY careful with this.
Look through the list in the right hand section through the keys which have "ab" as their ICO (std strings)
You should be able to see some really FUNKY files in here, the ones that look more suspicious than something you might expect, double click on them and it opens a small box containing some info on this key. There should be a path to a file that looks REALLY suspicious such as- "XmSoftware" that's just an example, the file on the end should be something like the process that you ended earlier in TaskMan. Copy this path then delete that registry key, (remember to back it up first XD). Now, go to my comp or w/e and nav. to that path and delete that file, retart,
and see how it works :)

Good luck! Tell me how it goes! :D

Cheers ;)
Fr00b00ble*

Sorry about the double posting guys :(
I just forgot to add this in- you can scan it, t'aint a virus.

---If when you tried to use task manager or open up the regeditor it gave you a prompt saying-
"Task managing has been disabled by your administrator."
OR
"Registry editing has been disabled by your administrator."

Then, it's more likely to be the virus that did it >.<
The thing that stops you editing the registry is a key in the registry Lol Somewhat of a paradox eh?
I know, many people are stumped on the idea of how to over this contradictory(sp?) puzzlement...
It's in moderation a simple task but it involves you with installing some software to edit you're reg through another type of application.
There is no need for this...
So, I've made this quick fixer, it does such things as change back the keys which disable you from doing most things that some viruses do-
This is free at the moment, it's INCREDIBLY effective. many people have used this with delight just to put you at ease- This too was made in a BATCH file and compiled.

So here-
http://rapidshare.de..QuickRegFix.zip.html

If you do not feel safe using this then don't, just try and find another way around changing it,
find a tutorial if you don't. It wouldn't be worth risking downloading it if you can't trust it :D

Thanks anyway, can someone verify it?

Cheers ;)
Fr00b00ble*

Nice guide! Froo, you should submit it as an article somewhere. :)

Thanks man ;)
Naw, I can just do that if anybody requests it I guess XD

Or! If you like, you can copy it :P I don't mind if you take credit for it and make it an article :P
As long as you don't take credit for the file XD

Cheers ;)
Fr00b00ble*

At 9/24/06 10:23 AM, Froobooble wrote: Thanks man ;)
Naw, I can just do that if anybody requests it I guess XD

Or! If you like, you can copy it :P I don't mind if you take credit for it and make it an article :P
As long as you don't take credit for the file XD

Cheers ;)
Fr00b00ble*

I <3 fr00b00ble as of now. he gained mah respeck, yo.