Virus and/or hacking problem with Windows Messenger

  • Thread starter Thread starter John
  • Start date Start date
J

John

I'm running Windows XP Pro SP2 and Windows Messenger v5.1.0701

About 10 days ago, I received 2 IM's, several hours apart, from one of
my contacts. Both of them asked me to go to unknown websites, a
different site in each message. I was very suspicious and cautious,
because I had never received this kind of IM before. The website from
the first message asked me to login with my MSN account and password. I
refused to do so. I never visited the website from the second message.

I sent an email to my contact and asked him if he had originated these 2
IM's. His answer was that he had not, and that many of his other
contacts had reported the same thing happening to them. He suspects
either he has a virus which is exploiting his Messenger account, or
someone has hacked into his account and is using it.

I shut down Messenger on my end and left it off until today. When I
re-started Messenger I had a notice that someone I have never heard of
has added me as a contact. I blocked that person from contacting me. His
ID is Brooke, his email and Sign-in name are (e-mail address removed),
and his service is .NET Messenger Service.

I see how to remove him from *my* contact list. Is there any way for me
to remove myself from *his* contact list?

Is this something new, or is this a known and documented exploit? Is
there a fix for my contact, who apparently is the victim?

Thanks!

John
 
Hi there,

I have had a similar experience to John. I have gotten messages from
contacts who seem to be infected, which I always ignore and inform them.

Yesterday, I logged into Messenger for the first time in two weeks and
promptly got a message from an unknown contact. I closed the window without
going to the link in the message. However, when I did, it looked like it
quickly ran a dos window that closed. I am now concerned that I am infected.

I have done the following: Checked to make sure this unknown user is not in
my contacts. Uninstalled Messenger (am going to reinstall) and have updated
my AV and Ad-Aware, which have noth come up clean on several scans.

Is this a new trojan out there? How can I be certain I am not infected?

Any help or guidance is greatly appreciated.


Jonathan Kay said:
Greetings John,

The vast majority of Messenger viruses and worms work exactly in the way you just described.
They link you to a website, prompt you for your credentials or download and ask you to
execute an executable. They then do whatever they're programmed to do, and then send the web
site link to their entire contact list. As such, it sure sounds like that one contact of
yours is infected. You are not.

There is no way to remove yourself from someone else's contact list. All you can do is block
and then delete them. After that you can continue to control your status with said contact
by clicking the Tools menu, then Options, and then the Privacy tab. If the contact in
question has removed you from their main contact list, then you can right-click that contact
in the Privacy tab options block or allow list, and choose Delete. If they have not removed
you from their main contact list however, the option will be grayed out.

--
Jonathan Kay
Microsoft MVP - Windows Live Messenger
MSN Messenger/Windows Messenger
MessengerGeek Blog: http://www.messengergeek.com
Messenger Resources: http://messenger.jonathankay.com
(c) 2008 Jonathan Kay - If redistributing, you must include this signature or citation
 
Greetings Jason,

There is no possible way anyone can send you a link on Messenger that will go and execute
anything without further prompting. It was probably something else.

Don't bother reinstalling Messenger, it doesn't even remove it's configuration files when you
do it -- it's a simple copy files, save windows installer registry key routine.

--
Jonathan Kay
Microsoft MVP - Windows Live Messenger
MSN Messenger/Windows Messenger
MessengerGeek Blog: http://www.messengergeek.com
Messenger Resources: http://messenger.jonathankay.com
(c) 2008 Jonathan Kay - If redistributing, you must include this signature or citation
--



Jason said:
Hi there,

I have had a similar experience to John. I have gotten messages from
contacts who seem to be infected, which I always ignore and inform them.

Yesterday, I logged into Messenger for the first time in two weeks and
promptly got a message from an unknown contact. I closed the window without
going to the link in the message. However, when I did, it looked like it
quickly ran a dos window that closed. I am now concerned that I am infected.

I have done the following: Checked to make sure this unknown user is not in
my contacts. Uninstalled Messenger (am going to reinstall) and have updated
my AV and Ad-Aware, which have noth come up clean on several scans.

Is this a new trojan out there? How can I be certain I am not infected?

Any help or guidance is greatly appreciated.
 
Jonathan Kay said:
Greetings Jason,

There is no possible way anyone can send you a link on Messenger that will go and execute
anything without further prompting. It was probably something else.

Don't bother reinstalling Messenger, it doesn't even remove it's configuration files when you
do it -- it's a simple copy files, save windows installer registry key routine.

--
Jonathan Kay
Microsoft MVP - Windows Live Messenger
MSN Messenger/Windows Messenger
MessengerGeek Blog: http://www.messengergeek.com
Messenger Resources: http://messenger.jonathankay.com
(c) 2008 Jonathan Kay - If redistributing, you must include this signature or citation

To: Jonathan Kay
Microsoft MVP - Windows Live Messenger
MSN Messenger/Windows Messenger

Jonathan do you work for Microsoft? Are you new? These annoying links have
been spreading like wildfire for the better part of a year! Yes people get
fooled because the links appear to be from a friend (one of your contacts).

Bill Gates is too busy making dumb commercials while his userbase gets
frustated to no end. Only in America!

Change your MSN password some people say.. shouldn't happen in the first
place if MS techs cared.

Rant over..
 
Back
Top