THE SQL Server Blog Spot on the Web

Welcome to - The SQL Server blog spot on the web Sign in | |
in Search

Peter DeBetta's SQL Programming Blog

Peter DeBetta's blog about programming in SQL Server using technologies such as T-SQL, .NET, CLR, C#, VB, Visual Studio, and SQL Server Management Studio.

Virus Alert: Windows Live Messenger

I received a IM message in Windows Live Messenger from a techie friend earlier today. The message reads (myname replaces my actual email name)

"Hey isnt this YOU??"

I thought it strange that my friend was offline when this message was sent, but I clicked the link anyways to see what he could be talking about (my ego/curiosity made a bad choice). Next thing I know, I am being prompted to Run or Save a MS-DOS application. Fortunately, I read the dialog and canceled the request.

According to news on the net, some AV programs didn't catch it and many people now have a trojan running on their system.

Published Tuesday, January 29, 2008 4:44 PM by Peter W. DeBetta



fangs73 said:

Did you find a fix?  Some people clicked on it and it killed their network connections etc.

This is one of the wores one I have seen.


January 30, 2008 2:27 PM

Peter W. DeBetta said:

From what I could tell, this is the fix: (Although I make no claim as to the validity of this site since I did not get infected) :-)

January 30, 2008 3:13 PM

Kevin3NF said:

That thing went running through here like may well have gotten it from my box.  My IE7 freezes from time to time for a few seconds and I wind up clicking on an app that wasn't even in front of me at the time :(

I got infected, but a fullscan, file delete and reboot did the trick!


January 30, 2008 3:22 PM

Peter W. DeBetta said:

Indeed, Kevin, you are the techie friend mentioned in the post. :-)

Glad the fix works!

January 30, 2008 3:26 PM

Kevin3NF said:

Dang....are we still friends? :)  I'm almost ready to come to a NTSSUG meeting again!

January 31, 2008 4:24 PM

Peter W. DeBetta said:

But of course - just don't let it happen again :-)

January 31, 2008 4:28 PM

Peter W. DeBetta said:

I just removed a comment that posted a link to a fix. The comment, by someone named Bjorn, read:

"I managed to get it fixed by running http : / / www. nucia. eu/ dedicated/ msnfix/"

No offense, but a link to an unknown exe file? Unless the fix comes from Microsoft, or one of the known anti-virus companies, please don't post it here.

February 18, 2008 3:58 PM

Peter W. DeBetta said:

Follow up: This fix is supposed to be from someone named Bendeboy. From what I have read, he has created a genuine fix for the problem and is supposedly now well-known in the Netherlands because of it; just the same, I would still be wary of running any executable on my system without confirmation of its safety.

February 18, 2008 4:04 PM

SL33KR said:

Hey guys i to got this virus from a friend being stupid enough to open it, even though i thought it was a bit odd. I just ran AdAware 2007 and it picked it up straight away. Now seems to be all clear

March 31, 2008 7:12 PM
New Comments to this post are disabled

About Peter W. DeBetta

Peter DeBetta works as a Data and Cloud Solution Manager at DB Best, a Microsoft gold partner company. Peter has written courseware, articles, and books on topics such as development and SQL Server. Peter has spoken at conferences around the world, including TechEd, SQL PASS Community Summit, DevTeach, SQL Connections, DevWeek, and VSLive!

When Peter isn’t working, you can find him singing and playing guitar, taking pictures, working on DIY projects, woodworking, or simply enjoying life with his kids.
Privacy Statement