Windows Live Messenger Virus

Oct 28, 2007 ##

Windows Live Messenger Virus There’s another MSN Messenger Windows Live Messenger Virus/Trojan on the loose. There have been several over the years, but this one seems to be quite popular. The virus basically sends a random message to people in your contacts, with messages like “haha lets hope your parents dont see this picture of you” or “I’ve been editing some pics you should def see em lol!”. The contact will also try to send you a .zip file called ImageXX.zip (where XX is a random number, e.g. “image08.zip”).

If you happen to download the file and open it, you’ll see a file called “imageXX.JPG-www.photobucket.com” or “imageXX.JPG-www.imageshack.com”. Now on first glance it looks like an image that someone downloaded from photobucket.com or imageshack.com. It’s not. The file has a .com extension which is an executable file. Basically if you open it, it attaches itself to your Windows Live Messenger and sends itself to your contacts. If you look at the Chinese Internet Security Response Team website, it says that the virus adds these files to your computer:

  • % System%\mdn.exe
  • % temp%\imageXX.zip (XX is random digitals, e.g. “image08.zip”)

And adds the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
“Machine Debug Mgr” = “mdn.exe”

Your best bet would be to close Windows Live Messenger, delete the above registry keys, restart your computer and then delete the above files. And don’t forget to warn the contact that sent you the virus.

  • jackskoko

    I have the problem but none of the above mentioned files. I keep “sending” messages to a friend and she is “sending” them to me. Neither of us can find anything wrong. HELP please

  • me

    i found da files in %windows\system32…… and \windows prefetch
    they got strange names like hqdvjxbdw or sth like dat
    there is more than one of em
    if u delete em it should work

  • http://jamemails.blogspot.com Jam

    I was a victim use below steps to solve:-
    1) Restart PC in save mode
    2) Run anti-spyware & -virus full scan
    3) Use “ATF Cleaner” to cleaner all the temp files.
    4) Done!

    Jam [URL: jamemails.blogspot.com]

  • Ann Diedericks

    I have gone so far as removing MSN Windows live Messenger from my system – I have scanded my PC – but to no avail – nothing stoped it – I am up in arms – cause I loved msn but I dont think I want to use if ever again – Please help

  • thanasis

    i made the same mistake and my computer was infected by the same virus. i read all the solutions but it doesn’t work. i want someone to tell me the excacly the steps to follow to solve this problem. the main problem is in system32 folder in a .dll file. is there anyone who can tell me what i shoud do????????????/

  • conor

    my windows live is sending wierd messages to other people to do withnudity how can i fix it???

  • Tim Ruyters

    What Jam says works , just get good anti virus software with laterst update nd anti spyware with latest update in safe mode. It doenst work when u just log in normal mode. safe mode is needed.

  • http://blog.trendmicro.sg Anti Virus

    I had the same problem too. I did the same thing that Jam did and it worked!

close

Photos