Are there a load of new worms today ?

[Wij]

My PC has been vainly fighting off spyware attacks all day. I've got the Windows firewall on but the same 7 or 8 rogue processes keep appearing. I've run Spybot, Adaware SE, Spysweeper and MWAV and they clear them up to some extent but Spysweeper always detects the "Microsofts Mediascope" and "wmstu" thigs being re-added to my Windows "Run" reg keys. I thought maybe it was something else on my PC that kept re-adding them but when I disconnected my NIC they stopped re-appearing.

Downloading SP2 and such now but not much hope. A google for wmstu.exe and some of the others reveals nothing. Not 1 match.

 

[dysfunction]

Ive not noticed anything.

Maybe someone has it in for you. I blame Sumo tbh.

 

[TdC]

you're not running msn7 by any chance? teh gf installed *shudders* that and all kinds of hell broke loose in her ickle poota. serves me right for giving in to her demands to have her administrator password restored to her :/ *shame*

 

[Wij]

msn7 ? not that i know of

 

[TdC]

it seems there's a "beta" of some sort floating about and when you install it all kinds of homepage-snatchers and advert thingys and what not pop up in your process list. was a bit naff to see her have a couple iexplor* things in her process list with nothing running. kill them off and two separate processes spawned to create even more explorers. teh win. if it's a real msn product they should be shot for allowing that kind of crap to be packaged with their product :/

as to wormies and other stuff, I still get attacks against my webserver every so often, but the majority of stuff blocked by my firewall are scans to see if I'm running unfirewalled windows.

 

[Gray]

I like 6.2, i see no need of change. The emoticons suck, but so does all the MSNs..

Give me back the OLD emoticons thx

 

[leggy]

I have 7 beta. I had better go check for computer STDs.

 

[JingleBells]

I have MSN 7 Beta, no bugs as I downloaded it off MSNs website its rather snazzy too.

 

[Wazzerphuk]

I can't believe no-one's made a joke about Wij having worms yet.

 

[MYstIC G]

It's too easy tbfh.

 

[PLightstar]

Spybot search and destroy, my friend

 

[Wij]

It recognises some of the worms but not all. Then they all come back anyway. None of the Anti-Spyware progs work

 

[Cyradix]

Go into safe mode and run your anti-spyware tools. In a few cases this solved my spyware probs.

 

[SawTooTH]

Turn off system restore, do virus check, spyware check (Adaware & Sybot S&D). Then Do another check all over again. If you dont find anything, disconnect from the internet, and never ever use it again.

I have Adaware pro + adwatch, S&D, and pestpatrol. I use NOD32 Virus checker and I use the Sygate firewall in addition to my router firewall (that doesnt stop F all from what I can see & Ive set that up as best as I can)

I think its a losing battle tbh. I just routinely run Pestpatrol and adaware everyday. I do recommend pestpatrol as a program as it made my old system run a lot better and found a couple of trojans and all sorts of adware (mainly from gamespy)

 

[Sharma]

I have MSN 7 Beta, no bugs as I downloaded it off MSNs website its rather snazzy too.

Just a pity ho you cant remove the fucking tabs, I dont want to know about that crap and msn plus for it doesnt remove the SODDING ADVERT!

 

[Ch3tan]

http://www.theinquirer.net/?article=20825

New worm spreading itself via MSN messanger. Been opening goatse.pif have we wij?

 

[Wij]

http://www.theinquirer.net/?article=20825

New worm spreading itself via MSN messanger. Been opening goatse.pif have we wij?

Why else would you send me it ?

 

[Mobius]

Hey Wij you big freak, do you still play Daoc? I restarted, gifv gold plz!!!1111

 

[Wij]

I've not logged on in a couple of months but I probably have a bit of spare cash

 

[Deebs]

There is a variant of a new worm/backdoor virus.

We discovered it yesterday and only a few virus programs can detect it and only on a full deep sweep.

NOD32 as of yesterday when I spoke to them couldnt detect it, yet they reckon they added it to the database back in October. So how come it's sat on my pc and I am scanning the file and NOD32 says it is clean yet AVP detects it, machine guns it and leaves me with a warm fuzzy feeling?

I will post the variant name when I get to work.

/update

Right, NOD32 did 2 updates to their base configuration files yesterday. The one at 20:27 (1.977) can now detect

Win32/TrojanProxy.Agent.DP trojan

Shame, as it was already in the wild for a good few hours replication extremely fast.

Anyway, thats the nasty one, it renames itself, replicates, downloads a backdoor and installs itself as a service.

 

[Tom]

How come your avatar doesn't say 'cock ale' any more?

 

[Mobius]

I've not logged on in a couple of months but I probably have a bit of spare cash

Kewl, check yer PMs.

 

[old.user4556]

Hmmm, just done a full system scan and i've got a trojan installed.

Fuckers.

 

[Wij]

Kewl, check yer PMs.

They were full. Try again

 

[TdC]

Right, NOD32 did 2 updates to their base configuration files yesterday. The one at 20:27 (1.977) can now detect

Win32/TrojanProxy.Agent.DP trojan

Shame, as it was already in the wild for a good few hours replication extremely fast.

Anyway, thats the nasty one, it renames itself, replicates, downloads a backdoor and installs itself as a service.

only on a full scan eh? hmm. cheers for the info I'll be checking my and my gf's poota tonight!

 

[Cyfr]

Some porn websites are exploiting java to install crap loads of stuff on my PC. It's annoying as crap. Yes ok, don't go on porn sites.. but I HAVE to!

and my firewall screams 'backdoor active trojan deltasource' and 'backdoor active trojan schoolbus' at me all the damn time, and I only have the bittorrent & msn port forwarded to my pc

So wondering if I have this undetectable thingie...

edit: I use Symantec AV(not norton) and kerio fw

 

[Cyfr]

Hmm actualy, now i've checked it out it seems the destination port is 1024 which is something to do with irc aint it? So theres prolly nothing to worrie about..

however the annoying java viruses still annoy me!

 

[TdC]

turn java and activeX off in IE Cyfr, or use a proper browser

 

[Gray]

On a related note to MSN. Ive put off installing to the new "MSN 7" version for a long long time (i was the same with the 6.xx until MSN forced it onto me).

But anyway, all day today MSN has failed to load up, first it said i have to update to the new version, which, in the end i just let it download (Only to find it was still my version - 6.2)

Now, as soon as i click Sign in, it just comes back straight away with "Problem connecting to Messenger, Error: 0x81000365"

Anyone else here on MSN 6.2 having problems, or you all updated to the new 7?

 

[nath]

I had that problem, told me I had to update then updated to 6.2 which I already have. However, I'm currently signed in to msn with no problems.