Jump to content

msn virus? you gotta be ######ing kidding me


deadly_sniper22
 Share

Recommended Posts

alright where to start. A guy on msn ssends me a link saying something along the lines of

"hey is this you --> (my e-mail here)@jlkdsjflds.com"

i wasn't paying attention at the time so i click it, as soon as i did and a page didn't come up i realized what i had done and shut down my computer immediatly. I let it sit for a bit and fired it back up. I ran Norton and it found nothing so i figured i was o.k. I go on msn and it seems fine but after 10 minutes, everyone who is online in my list, a window automaticaly pops up for them one at a time, than exits and it goes through every person online. This is when i realized i was in trouble.

I hit ctrl + alt + delete and there is atleast 20 listings of 'winoldap' and i can't get rid of them.

I search for winoldap under start>search>files and folders and it turns up nothing....i have no idea how to get rid of this th ing, right now the closest i could find was this thread

link

i'm running through some online scans and see what comes up

:wall::wall::wall::wall::wall:

anyone know what this is and how to get rid of it?

DS22

Link to comment
Share on other sites

Yeah, this is getting bad. So far I've seen two people that have it. I think one of them defeated it by deleting msn messenger. I'm not sure so I'll come back here after I've talked to him, and if I don't talk to him by tonight then I doubt I'll be able to talk to him for a few days, so don't hold your breath.

Link to comment
Share on other sites

Yeah, this is getting bad. So far I've seen two people that have it. I think one of them defeated it by deleting msn messenger. I'm not sure so I'll come back here after I've talked to him, and if I don't talk to him by tonight then I doubt I'll be able to talk to him for a few days, so don't hold your breath.

ya i know i can always do that but i've had trouble with installing msn for some reason and updates always seem to give me errors so i'm sure that will just cause more headaches...

DS22

Link to comment
Share on other sites

Okay, I'm pretty certain that to have this quit is by uninstalling, then installing it again, and update it if you can. That is how the two that I talk to got rid of it. But, there must be a better way to get rid of it, I don't think that uninstalling it will take it out of your system, but I'm not computer savvy so I wouldn't know.

Link to comment
Share on other sites

From Wintasks, heres some info on the process

winoldap - winoldap.exe - Process Information

Process File: winoldap or winoldap.exe

Process Name: Microsoft MS-Dos Executer

 

Description:

winoldap.exe is a legitimate process used on Windows 98 based computers which deals with old ms-dos based programs. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems.

Note: winoldap.exe is a process which is used by many unclassified trojan. These Trojan allows attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately. Please see additional details regarding this process

and theres a thread here that tells how some guys have successfully removed it

http://www.broadbandreports.com/forum/remark,12917048

Link to comment
Share on other sites

ok update here:

the random msn windows popping up has stopped but i still have all the 'winoldap' when i hit ctrl alt delete.....

DS22

You can go into safe mode, and delete it from the System32 folder. You can also go into the registry and remove it. If you would like a walkthrough on this, let me know.

Personally, I have never seen that process. Not in XP, not in ME or 98.

I think it may have been one back in the 9x series, but XP doesn't use DOS at all. Neither did ME. 98 was the last, and it used a hermaphrodite version of DOS called DOS v.7.

I know what Crowman's quote says, but I think what has happened here is that someone has taken the name and applied it to a virus or malware.

It can't be an actual DOS process, because XP uses no DOS at all.

Also, the only thing in XP with that name is a file called winoldap.mod, and it's in the C:\Winblows\System32 folder. It may have been renamed by whatever you opened. Look for folders in the C:\Winblows and in C:\Winblows\Program Files directories.

When you search for the file, use this as search criteria: In the Files and Folders box in the search app, type this: winoldap.*, or even winold.*, with the period and asterix. Those are wild cards. They, in this case, are telling Winblows to look for any file that starts with winold or winoldap, and has any extension after it.

Go into Safe Mode to remove it, and go into Regedit and Regedit 32 to make sure it isn't hiding in the hkey_local machine\software\Microsoft\Winblows\cCurrent version\ Run, Run Once, Run System folders, and also in the hkey_Current User\software\Microsoft\Winblows\current Version\Run folder, and make sure that in both of those Hkey's, there aren't any folders in the software directories with that name.

And make sure you do it in both Regedit, and Regedit32. Believe me, it's important, and Regedit32 has some stuff in it that Regedit doesn't.

Also, before doing anything in the Registry(either one of them), once they are open, go up to File, choose Export, and export copies of each to a safe place, just in case you mess up. Then, if you do mess up, you can reboot to safe mode, double click on the back up, and be back to where you were.

IF you need any help or clarification, look me up.

I also highly recommend AdAware Personal SE and SpywareBlaster.

And, sigh, yes, even me, recommend using the Microsoft Anti-Spyware Beta.(God, that hurt to say. I think I'll go throw up now.) :wacko::blink::x:x:x :'(

Just in case:

Microsoft = Microsoft

Winblows = Windows

Also, a tip here:

Unless you absolutely know what you are accepting, and you know without a single doubt that the person sending it to you won't screw you blind, DO NOT ACCEPT ANYTHING FROM ANYONE ! !

That is the number one rule in NOT getting viruses and spyware.

Number two rule would be to go LINUX ! !

BOYCOTT the software monopolizer ! !

linux.jpglinux.jpglinux.jpglinux.jpglinux.jpg

Edited by Phantm
Link to comment
Share on other sites

Also, a tip here:

Unless you absolutely know what you are accepting, and you know without a single doubt that the person sending it to you won't screw you blind, DO NOT ACCEPT ANYTHING FROM ANYONE ! !

Just to add on to that, a mate of mine on msn sent me a similar message, I thought it odd as I hadnt spoken to him in a while, so I sent him an email asking if he'd sent me that message, it turns out he hadnt and he was infected with some virus/trojan or other and got himself disinfected, so dont accept odd links from anybody, and if you do get one off a friend let them know about it so they can get disinfected.

Edited by CrowmanUK
Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...