hey, is this you? http://www.imstuff.us/profile.php?msn=username@hotmail.com

Discussion in 'Virus Information' started by Gordon J. Rattray, Feb 18, 2006.

  1. Hi there,

    Got a machine here that received the following on MSN: "hey, is this you?
    http://www.imstuff.us/profile.php?msn="

    After dbl clicking it and installing it, my Norton was disabled. So, it's a
    bug/worm/virus?

    Several of my friends got it from me and 2 of them installed it and same
    thing happened, disabled the NAV.

    Is this something new that's just started to go around?

    How to fix it?

    Thanks,

    Gordon
     
    Gordon J. Rattray, Feb 18, 2006
    #1
    1. Advertisements

  2. From: "Gordon J. Rattray" <>

    | Hi there,
    |
    | Got a machine here that received the following on MSN: "hey, is this you?
    | http://www.imstuff.us/profile.php?msn="
    |
    | After dbl clicking it and installing it, my Norton was disabled. So, it's a
    | bug/worm/virus?
    |
    | Several of my friends got it from me and 2 of them installed it and same
    | thing happened, disabled the NAV.
    |
    | Is this something new that's just started to go around?
    |
    | How to fix it?
    |
    | Thanks,
    |
    | Gordon
    |

    Download MULTI_AV.EXE from the URL --
    http://www.ik-cs.com/programs/virtools/Multi_AV.exe

    To use this utility, perform the following...
    Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
    Choose; Unzip
    Choose; Close

    Execute; C:\AV-CLS\StartMenu.BAT
    { or Double-click on 'Start Menu' in C:\AV-CLS }

    NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
    FireWall to allow it to download the needed AV vendor related files.

    C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
    This will bring up the initial menu of choices and should be executed in Normal Mode.
    This way all the components can be downloaded from each AV vendor's web site.
    The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

    You can choose to go to each menu item and just download the needed files or you can
    download the files and perform a scan in Normal Mode. Once you have downloaded the files
    needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
    during boot] and re-run the menu again and choose which scanner you want to run in Safe
    Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

    When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
    file. http://www.ik-cs.com/multi-av.htm


    * * * Please report back your results * * *
     
    David H. Lipman, Feb 18, 2006
    #2
    1. Advertisements

  3. Hi Gordon .First ,please never again post malware links because there may be
    other guys in these publuc newsgroups who can do the same as you did (and you
    obviously saw it is bad).

    Now ,goto my web-site :
    http://pandaman.hit.bg
    and perform the fast malware removal instructions .

    At the end , scan your PC with :
    Panda's free Active Scan (for all kind of security threats)
    http://www.activescan.com


    Make ALL your friends do the same siggestions.At the end ,reinstall your
    Norton AV .
    Make sure it is correctly configured-> scan ALL files ,compressed ,use
    Bloodhoud (heuristic) and also update it regularly.
    Also ,as you use Norton you might want to increase your protection.
    If you use Norton 2006 version ,you are already much more protected than the
    old versions.However ,if you use Norton 2003,2004 or 2005 version you
    probably know that Norton's Live Update offers only weekly updates which is
    very very bad if there is an epidemic of new threats (such as Sober ,
    Mitgleider ,Netsky ,MyDoom.........)
    That's why ,if you use version 2003/2004/2005 you could be interested to
    understand how to use Symantec's Intelligent Updater in combination with Live
    Update:

    http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2002021908382713?OpenDocument&src=sec_web_nam

    http://www.symantec.com/avcenter/download.html


    Don't hesitate to contact the Communities again! :)


    Panda_man
     
    =?Utf-8?B?UGFuZGFfbWFu?=, Feb 18, 2006
    #3
  4. Learn your self and your friends how to protect their computers:
    http://pandaman.hit.bg -> "Protect your PC" sections


    Panda_man
     
    =?Utf-8?B?UGFuZGFfbWFu?=, Feb 18, 2006
    #4
  5. Gordon J. Rattray

    jen Guest

    Probably a variant of this worm:
    http://securityresponse.symantec.com/avcenter/venc/data/w32.chod.d.html
     
    jen, Feb 18, 2006
    #5
  6. Gordon J. Rattray

    Temur Guest

    why do u post stuff twice?
    is this spam or what?
     
    Temur, Feb 18, 2006
    #6
  7. Right on, Panda Man... will watch my step in future so as not to spread
    things..

    Thanks for the advice and info, am checking things out right now...

    Gordon
     
    Gordon J. Rattray, Feb 18, 2006
    #7
  8. You're welcome ! :)

    Panda_man
     
    =?Utf-8?B?UGFuZGFfbWFu?=, Feb 19, 2006
    #8
  9. Gordon J. Rattray

    Peter Foldes Guest

    This is almost the same as dancing and stepping on the other ones feet
     
    Peter Foldes, Feb 19, 2006
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.