Trojan Horse Downloader

By ·
Using symantic anti virus & spy bot on xp pro -
Hmm.. well everything went ok,
Safe Mode ran well, nothing was found there,
when we rebooted as soon as messenger was started multiple messenger windows flew open,
eventually we were able to close messenger down, and the auto protect began scanning and found 13 items, pretty much all the same we cleared out this afternoon,
Hmm doesn't look good to me

My Thoughts. ));-(
it appears the bug is firmly in messenger ,
so why not just go into safe mode, uninstall messenger, run the scans, clear the bugs, and that should solve the problem on local machine or is that too simple ?
(Like me.)
Only thing with that is messenger has a giant suppository out there in cyber space somewhere that has all information stored in it, and when one goes to a particular user that obviously has the virus, from any machine, anywhere on the planet that machine will become infected ?
Or do I have that theory incorrect also .
Anyway, if the uninstallation of messenger will do the trick, before we do, is it possible to access a list of all that users contacts and at least save them somewhere so then can start a whole new messenger with a new user name, login, whatever.
Am struggling with that solution as anyone else with the bug will just reinfect .. Hmm .. like the common cold.. "don't send your kids to school, they will get sick from all the other kids"

hmm your thoughts please ,

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -


by Kiltie In reply to Trojan Horse Downloader

Did you post in the wrong place?

This looks like a middle-of-thread post.

We can help, but you'll need to start from the beginning I'm afraid.

Collapse -


by Tony Hopkinson In reply to Trojan Horse Downloader

I think is the word you were looking for , though suppository could be factually correct.
MSN messenger is a notorious vector for malicious files.
Let me guess you are using it from an admin login.
Once you sure you've cleaned the machine.
Kill the autosignon feature for your admin accounts.
Create an unprivileged user ans use that to signon.

What ever crap is coming through in the content probably won't succeed.
Once you've caught up on messages logoff (not switch. Sign back on as admin and do another scan.
See if you can recognise the content against your address book and block them, but again do it from the unprivileged account.

Related Discussions

Related Forums