What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » Skype & Technology » Skype & Live Messenger » WinFixer spyware spreading in MSN / Windows Live Messenger ads

WinFixer spyware spreading in MSN / Windows Live Messenger ads
Author: Message:
Menthix
forum admin
*******

Avatar

Posts: 5537
Reputation: 102
40 / Male / Flag
Joined: Mar 2002
O.P. WinFixer spyware spreading in MSN / Windows Live Messenger ads
There was already news about this on mess.be yesterday. But although the ActiveX controls seem to be gone now, spyware is still spreading through Microsoft's banner network :S.

Whenever you see this banner in Messenger, do not click it, and if it launches any popups or warning, close them.
[Image: the_PC-Secure_banner_spreading_WinFixer_spyware.gif]

I saw that one today, here is what happens when you click it:
[Image: WLM_Screenshot_3.png]
[Image: screenshot3__site_after_banner_click.png]

When downloading the file the virus scanner kicked in:
[Image: screenshot4__virus_detected.png]

"Technical" details:
[Image: screenshot5__msnmsgr.exe_HTTP_traffic_log.png]

For those who don't know about WinFixer and its variants, read the Wikipedia WinFixer article. If you are infected by this, read http://www.spywareremove.com/removeWinFixer.html .

I wonder how many people that don't have a clue felt for it so far :(.

EDIT: Digg this http://digg.com/security/Microsoft_is_distributing_Winfixer_malware :p

This post was edited on 02-18-2007 at 11:18 AM by Menthix.
Finish the problem
Menthix.net | Contact Me
02-17-2007 09:10 PM
Profile E-Mail PM Web Find Quote Report
Voldemort
Veteran Member
*****

Avatar

Posts: 3504
Reputation: 49
– / – / Flag
Joined: Jul 2005
Status: Away
RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
Dodgy microsft... let's see what they have to say....

i wonder what sandi will say on her blog :P
let's take wlm out of the mvp thingo

This post was edited on 02-18-2007 at 02:26 AM by Voldemort.
*All posts are a purely speculative hypothesis based on abstract reasoning.
Not my daughter, you bitch!
[Image: ico-mollytrix16.gif]
02-17-2007 09:14 PM
Profile E-Mail PM Find Quote Report
Menthix
forum admin
*******

Avatar

Posts: 5537
Reputation: 102
40 / Male / Flag
Joined: Mar 2002
O.P. RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
quote:
Originally posted by Voldemort
wonder what sandi will say on her blog
Same :). Mailed her yesterday, she said she was investigating it. Just mailed her again with more details.
Finish the problem
Menthix.net | Contact Me
02-17-2007 09:17 PM
Profile E-Mail PM Web Find Quote Report
Nathan
Veteran Member
*****

Avatar
Yeah, "large dimensions" ;)

Posts: 2984
Reputation: 76
– / Male / Flag
Joined: Apr 2005
RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
Link to sandi's blog please :P
02-17-2007 09:32 PM
Profile E-Mail PM Web Find Quote Report
Nagamasa
Skinning Contest Winner
*****

Avatar

Posts: 1842
Reputation: 30
31 / Male / Flag
Joined: May 2006
RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
Coming to thinking of this, it suprises me how fragile certain Microsoft things are...perhaps they should get rid of advirstisements to 'avoid' that problem :P

Lets hope they cant hack into someone's display picture or anything else and advirtise something else (perhaps inappropriate), and that everything else is secure.
[Image: unled1uo.png]
Joined this forum 6765 days, 11 hours, 40 minutes, 25 seconds ago.



02-17-2007 11:33 PM
Profile PM Web Find Quote Report
Menthix
forum admin
*******

Avatar

Posts: 5537
Reputation: 102
40 / Male / Flag
Joined: Mar 2002
O.P. RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
quote:
Originally posted by Nathan
Link to sandi's blog please
http://www.msmvps.com/blogs/spywaresucks/ but she hasn't posted anything about it yet.

This post was edited on 02-18-2007 at 01:02 AM by Menthix.
Finish the problem
Menthix.net | Contact Me
02-18-2007 01:02 AM
Profile E-Mail PM Web Find Quote Report
Voldemort
Veteran Member
*****

Avatar

Posts: 3504
Reputation: 49
– / – / Flag
Joined: Jul 2005
Status: Away
RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
quote:
Originally posted by Nagamasa
Lets hope they cant hack into someone's display picture
errrrrrrrr dodgy ads != backdoor or something...
*All posts are a purely speculative hypothesis based on abstract reasoning.
Not my daughter, you bitch!
[Image: ico-mollytrix16.gif]
02-18-2007 02:08 AM
Profile E-Mail PM Find Quote Report
Patchou
Messenger Plus! Creator
*****

Avatar

Posts: 8607
Reputation: 201
43 / Male / Flag
Joined: Apr 2002
RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
Quick note, as we're in the subject: I trust all of you NOT to post anything "stupid" to comment Sandi's blog (or any other blog for that matter). I know most of you sometimes just want to protect Messenger Plus! but history has shown it's better to stay civilized.

I know most of you already know that and in this particular case, there's nothing against Messenger Plus! itself anyway (all the countrary if you read the latest posts). I just want to be sure everybody is crystal clear on that :). So, if you post a comment anywhere and you mention Messenger Plus! or this forum, please act like gentlemen! (and demoiselles ;)).
[Image: signature2.gif]
02-18-2007 07:30 AM
Profile PM Web Find Quote Report
High Speed Chaser
Full Member
***

Avatar
Don't mess with the Wambulance!

Posts: 364
Reputation: 17
– / Male / Flag
Joined: May 2006
RE: RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
quote:
Originally posted by MenthiX
quote:
Originally posted by Nathan
Link to sandi's blog please
http://www.msmvps.com/blogs/spywaresucks/ but she hasn't posted anything about it yet.


She has now
If only I knew what I should put here
02-18-2007 07:33 AM
Profile PM Find Quote Report
Menthix
forum admin
*******

Avatar

Posts: 5537
Reputation: 102
40 / Male / Flag
Joined: Mar 2002
O.P. RE: WinFixer spyware spreading in MSN / Windows Live Messenger ads
http://digg.com/security/Microsoft_is_distributing_Winfixer_malware :banana:
Finish the problem
Menthix.net | Contact Me
02-18-2007 11:19 AM
Profile E-Mail PM Web Find Quote Report
« Next Oldest Return to Top Next Newest »


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts
HTML is Off
myCode is On
Smilies are On
[img] Code is On