So someone sends me an IM and says check this out. I click on the link and I get a norton antivirus message saying it found a virus and its been deleted from your computer and I cant open the file. I update my virus deff., run a full system scan and reboot and still no luck. Now when I type in the address it takes me to a BS website with a bunch of advertisements for posting photos. So my question is this...can anyone figure out how to get to this and open it up? Im just real curious as to what the heck it is and the person who IM'ed it to me is no longer online. Thanks for any help you can give.

EDITED at Rockys request!!!


BREW

 

My Advice? Forget the link and move on before you crash your computer

 

I hear ya UC..but he looked at it with no problems so thats why I was wondering if anyone could figure it out. No biggie, Ill just tell him to send it again next time I catch him online. Thanks


BREW

 

YEa it's riddeld with SpyWare.. I kind of figured as much from what you described but since it was a .jpg url then I figured I'd give it a click. BUT I did it on a junk computer! Norton didnt pop up BUT... pop up blocker could not stop them fast enough! Let me get rid of all the spy ware that it put on and I'll let you know what you will need to do.

 

Hey Matt,,thanks man. Let me know if I need to do anything. I just found out it was some sort of spyware or virus or whatever. I did however update everything and run a full system scan and it seems to be ok now. What do you think?? should I be worried about anything?

BREW

 

I'm not finding anything to be worried about yet... Some spy ware, but nothing to menacing.. I am browseing throu my registery to see if I can see anything that LavaSoft and SpyBot didn't find. If you have any ADware/Spy ware software, you might go ahead and run it while I continue searching.

 

Program CAlled Hijack this should help. But u have to know what shouldnt be there. Down load it and post the log here.

For the Lazy

http://www.merijn.org/files/hijackthis.zip

 

Alright there is one nasty trojan viri that Norton was not able to take care of... it's called "download.fugif" and it filename is "ms32.tmp"!

Removal Instructions

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan and delete all the files detected.
4. Overwrite the alternate data stream.
5. Delete any values added to the registry

go here For specific details on each of these steps, read the following instructions. Provided by Symantec/Norton

 

Well Matt, I was able to do the first 4 steps. Once I got to #5 I couldnt find the subkey or whatever they were telling me to find after the CLSID. When it gets this deep its all greek to me. However, not sure if it means anything or not, but after I updated my deff. and ran a full system scan, there were no viruses or anything detected. I guess I'll just cross my fingers and hope for the best. Thanks for the help.


BREW

 

Don't worry about it, I didnt have that one either. So I'm going to say it's not a big deal. The heart of it has been removed so anything that is left is not alive!

 

COOL!!! Thanks man


BREW

 

No Prob

 

BrewDude-
The reason your 'friend' sent you the PM is because he clicked on something stupid and got infected. The virus then hijacked his 'puter and sent PM's to everyone on his list. Now you're bound and determined to get infected even though your Norton initially blocked the first attack.

Please edit the first post in this thread and delete the virus-infected link before you cause more ignorant folks to click on it and get infected.

 

Rocky...relax, ***** like this happens all the time. Its done and over. We figured it out and obviously it wasnt anything life threatening. Sorry if Im coming off wrong, but I feel thats how you came off in your post.


BREW

 

Sorry bud, I was just reading your first post and I was amazed at how hard you worked at trying to download that virus into your computer. And then you posted the infected link asking for help in opening it. And ***** like this "happens all the time" because people keep trying so damn hard to open infected files even after finding out they are infected.

And I seem to be offending damn near everybody lately, so don't feel all special.