So a friend of mine suddenly started sending strange links to images at lmageshack.cn (with an L at the start). Bells instantly went off due to the obvious imageshack.us scam attempt.
I'm on a Mac, so I clicked anyway. :P
Links redirect to a PIF file that I assume infects new people. Googled a bit, but I can't find anything on how to help him remove it. Anyone got some pointers? He's running ye olde ad-ware, Malwarebytes, etc. now.
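The tell in the first post is the lookalike domain: an "l" standing in for the "i" of imageshack, plus an unexpected TLD. The following PowerShell is an added example (not code from the thread or from any poster) showing how to flag that kind of impersonation automatically. The brand list, the set of confusable characters, and the sample URLs are constructed for illustration; only imageshack.us as the legitimate host comes from the thread.

```powershell
# Added example: flag hostnames that impersonate a known brand by swapping
# visually similar characters (e.g. "lmageshack.cn" for imageshack.us) or by
# using the brand name on an unexpected TLD.

# Constructed brand list: brand label -> TLDs it is expected on.
# imageshack.us is the one the thread mentions; the rest are illustrative.
$KnownBrands = @{
    imageshack  = @('us', 'com')
    photobucket = @('com')
    flickr      = @('com')
}

# Character swaps that commonly survive a casual glance. Multi-character
# swaps go first so "rn" is folded before the single letters are touched.
$Confusables = @(
    @{ From = 'rn'; To = 'm' },
    @{ From = 'vv'; To = 'w' },
    @{ From = 'l';  To = 'i' },
    @{ From = '1';  To = 'i' },
    @{ From = '0';  To = 'o' }
)

# Collapse a label to a "skeleton" so that a brand and its lookalike compare equal.
function Get-SkeletonLabel {
    param([string]$Label)
    $s = $Label.ToLowerInvariant()
    foreach ($c in $Confusables) { $s = $s.Replace($c.From, $c.To) }
    return $s
}

# Returns an object describing the impersonation, or $null if nothing is suspicious.
function Test-LookalikeUrl {
    param([Parameter(Mandatory)][string]$Url)

    $uri    = [System.Uri]$Url
    $labels = $uri.Host.ToLowerInvariant().Split('.')
    if ($labels.Count -lt 2) { return $null }

    $secondLevel = $labels[-2]   # registrable label, e.g. "lmageshack"
    $tld         = $labels[-1]   # e.g. "cn"
    $skeleton    = Get-SkeletonLabel $secondLevel

    foreach ($brand in $KnownBrands.Keys) {
        $expectedTlds = $KnownBrands[$brand]

        # Case 1: label is not the brand, but folds to it after confusable swaps.
        if ($secondLevel -ne $brand -and $skeleton -eq (Get-SkeletonLabel $brand)) {
            return [pscustomobject]@{
                Url = $Url; Host = $uri.Host; Impersonates = $brand
                Reason = "confusable characters in '$secondLevel'"
            }
        }

        # Case 2: exact brand label on a TLD the brand is not known to use.
        if ($secondLevel -eq $brand -and $expectedTlds -notcontains $tld) {
            return [pscustomobject]@{
                Url = $Url; Host = $uri.Host; Impersonates = $brand
                Reason = "unexpected TLD '.$tld'"
            }
        }
    }
    return $null
}

# Constructed sample links; only the first resembles the one from the thread.
$samples = @(
    'http://lmageshack.cn/img/12345.jpg',
    'http://imageshack.cn/img/12345.jpg',
    'http://imageshack.us/photo/my-image.jpg',
    'http://fiickr.com/photos/someone'
)

$samples | ForEach-Object { Test-LookalikeUrl $_ } | Format-Table -AutoSize
```

The legitimate imageshack.us link produces no output because `$null` is dropped by the pipeline; the other three are reported with the brand they resemble and why. This is a heuristic, not a blocklist: it catches the cheap character swaps a human is likely to miss, and is best paired with the kind of TLD-level blocking described further down the thread.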
I actually have all .cn domains blocked at my router. They're overwhelmingly used for nefarious purposes when seen in an English-speaking community and it's unlikely that a legitimate site that is in your native tongue would be hosted there. Most companies based there would be more likely to have a .tw or .com domain.
That said, most of my recommended tricks would generally require someone who knows what they are doing. HijackThis is a good start, and you can tell him what to remove after the automated tools are done. After that, I would use Process Monitor (from Sysinternals/Microsoft) to check the threads in each Windows process (especially Explorer) for suspicious applications that decided to hide in them.
After that, I'd use either RootRepeal or GMER. They're invaluable for detecting hidden processes/files/services.
Barrakketh on
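The manual step in the reply above, looking inside Explorer for something that has hidden itself there, usually comes down to spotting an injected DLL. The script below is an added example (not from the thread or any poster) that does a first pass at that with built-in PowerShell only: it lists every module loaded into explorer.exe and flags those that are unsigned, carry a broken signature, or live outside the Windows and Program Files directories. The function name, parameter names and trusted-directory list are my own choices. Run it from an elevated prompt so all modules are readable.

```powershell
# Added example: triage the DLLs loaded into a process (explorer.exe by default).
# A user-mode injector usually leaves a module that is unsigned and/or sitting in
# %TEMP%, %APPDATA% or a similar writable location. A kernel-mode rootkit can hide
# from this entirely, which is why the reply still recommends RootRepeal or GMER.

function Get-SuspiciousModules {
    param(
        [string]$ProcessName = 'explorer',
        # Directories where legitimately installed binaries normally live.
        [string[]]$TrustedRoots = @(
            $env:SystemRoot,
            ${env:ProgramFiles},
            ${env:ProgramFiles(x86)}
        )
    )

    # Normalise roots to "C:\Dir\" so StartsWith does not match "C:\Windows2\".
    $roots = $TrustedRoots | Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

    foreach ($proc in Get-Process -Name $ProcessName -ErrorAction Stop) {
        try {
            $modules = $proc.Modules
        } catch {
            # 32-bit PowerShell cannot enumerate a 64-bit process and vice versa.
            Write-Warning "Cannot read modules of $($proc.ProcessName) ($($proc.Id)): $_"
            continue
        }

        foreach ($m in $modules) {
            $path = $m.FileName
            if (-not $path) { continue }

            $inTrustedRoot = $false
            foreach ($r in $roots) {
                if ($path.StartsWith($r, [System.StringComparison]::OrdinalIgnoreCase)) {
                    $inTrustedRoot = $true
                    break
                }
            }

            # Status is Valid, NotSigned, HashMismatch, UnknownError, ...
            $sig = Get-AuthenticodeSignature -FilePath $path
            $reasons = @()
            if (-not $inTrustedRoot)      { $reasons += 'outside trusted directories' }
            if ($sig.Status -ne 'Valid')  { $reasons += "signature $($sig.Status)" }

            if ($reasons.Count -gt 0) {
                [pscustomobject]@{
                    Process = "$($proc.ProcessName) ($($proc.Id))"
                    Module  = $path
                    Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(none)' }
                    Reason  = $reasons -join '; '
                }
            }
        }
    }
}

Get-SuspiciousModules | Sort-Object Module -Unique | Format-Table -AutoSize -Wrap
```

Read the output with the two signals together: on older Windows versions, system DLLs signed only through a catalog file may show as NotSigned even though they are fine, so an unsigned module under the Windows directory is weak evidence on its own, while an unsigned module under a user-writable path is exactly what you would go and look at next. The same function works on any process name, which is handy once HijackThis has pointed at a particular host process.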