Virus via MSN / Windows Messenger warning

« Back to All Topics 

Virus via MSN / Windows Messenger warning

Posted in

Off-topic

Virus via MSN / Windows Messenger warning

Posted in

Off-topic

GHOST MP

Off-topic

Virus via MSN / Windows Messenger warning

Just a friendly warning to all who use
MSN Messenger and / or Windows Live Messenger..

A virus that populates your contact list, then propagates itself to your messenger contacts via a specially crafted instant message, is in the wild..

Virus description:
W32.Funner is a worm that spreads using 
Microsoft's MSN Messenger instant message program 
and modifies the system hosts file.

Be aware of ANY messages contaning the text:

"OMG.. is this you?" or a similar text,
followed by a link that appears
to have a image extension (.jpg or other) 
or a similar text.

The only additional information I have found 
on the web so far was publised on the ZDnet.uk website,
 [url=

http://news.zdnet.co.uk/internet/security/0

,39020375,39169941,00.htm]

ZDNetUK Story

/url] 
A portion of this story below:

"known as Funner, it spreads using the MSN instant-messaging service and tries to direct people to a Web site, www.78p.com. However, security software firm Symantec found no evidence that the virus, which had only spread to a small number of PCs, had caused any disruptions.


"From what we have been able to see, it tries to send itself out to all of your MSN Messenger contacts," said Oliver Friedrichs, senior director of Symantec's security response team. "But we have only seen about 34 submissions in the last 24 hours -- really not that significant."

The virus changes the configuration of an infected computer so that users who try to browse to one of more than 900 Web sites will be redirected to www.78p.com, according to information on Symantec's Web site. The virus may also attempt to download additional functionality from the site. The site, however, appears to be down."



We had an instance of a member posting this link into the chat in 8 ball 1 and it did become an issue for a few that clicked this link and executed the file it pointed to.

In the event that you do get this link in an instant message, DO NOT click on it,  
simply close the window and let your contact know 
it was sent by them so they can take actions to 
remove the virus from their machine.

Symantec has posted removal instructions 
on their website...at this location:

[url=

http://www.symantec.com/security_response/writeup.jsp?docid=2004-101116-3507-99&tabid=3

W32.Funner Removal Instructions

/url]

GHOST MP

Çhris

lol my mate just got that about 2 minutes ago and he stupidly accepted :|

Đένϊℓş Дđνσçαţέ

lol Phillip must have clicked it as well (Jetstream) it spammed me out til i had to block him;\

Çhris

It stopped my friend using msn messenger (he came online on windows messenger) he repaired msn messenger by going into 

control panel > add or remove programs etc. 

and now he's back on msn but still could be on his system lol....

ITS FINAL DAY



http://www.symantec.com

to more informations.

Beppe No More



-Cyrax-

i accepted it 2,  very annoying virus,  got rid of it now though.

¶dØûGïÊ¶

like an idiot iv also just accepted this worm after clicking on a link 1 of my contacts sent to me.
before i knew it spammed all the people i had online so if iv infected anyone who reading this im sorry but i couldnt stop it in time:(

i ran my antivirus but no files have come up as infected,but it still mucking up all my settings and givin me spyware.

any help how to get rid would be much appreciated but please explain clearly as im not very bright when it comes to computers

thanks in advance........

Çhris

This is how my friend got rid of his (it may work for you it may not)

Go to control panel then add or remove programs.
Find msn messenger on the list and click on it, it should say "change or remove" click change and click on the repair button.

Like i said it may work for you this is just what i told my mate to do and it seemed to work for him. If the instructions aren't clear enough post back ;)

Good Luck :)

ηιqυιтιη ¢q

dougie u give it me :@, it closed my msn down n windows gave a warning to check when i restarted msn so hopefully ok now, if i'll format :p

¶dØûGïÊ¶

ok cheers chris i done that;)

i also looked around the net and used ad-adware and spybot to clean my whole system,restarted my comp on safety mode then used both programs again.then i restarted on normal mode.

so far everything is back to normal,i get 1 pop up when i log onto explorer but thats it and my msn not had any problems yet as far either

¶dØûGïÊ¶

oh and sorry again niquitine as i said it had spammed all my contacts before i knew it had happened:)

DjangoX

I got hit by this and removing Messenger didn't work.

And I can't see the instrustions. Can't you post 'em here?

DaSnookaMan



Disable System Restore (Windows Me/XP). 
Update the virus definitions. 
Restart the computer in Safe mode or VGA mode. 
Run a full system scan and delete all the files detected as W32.Funner. 
Reverse the changes made to the registry. 
Reverse the changes made to the System.ini file 
Remove entries from the Hosts file ;)

DaSnookaMan



 I strongly recommend that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files.