| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 95297 | 2008-12-01 11:13:00 | WLM Hijack | Bussani (14313) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 724679 | 2008-12-01 11:13:00 | I think a friend of mine has had their WLM hijacked by something. They sent me a weird link which I clicked without thinking. Hopefully it wasn't anything harmful. The link was realcoolss.com which I don't suggest clicking unless you know what you're doing. I think whatever his WLM is infected with is just spamming these ads, and I doubt I got infected just by clicking it and then closing it, but could anyone set my mind at ease about this? And does anyone have any idea what I should tell my friend to do when I see him? Thanks. Edit: Oh, and if the link is harmful in any way, let me know and I'll remove it from this post to be safe. |
Bussani (14313) | ||
| 724680 | 2008-12-01 11:29:00 | I just got that too from one of my contacts. Seems to be a infection stemming from a Chinese server. | beeswax34 (63) | ||
| 724681 | 2008-12-01 11:43:00 | Another friend just told me that this guy's account has been infected with this for ages and he doesn't even use that account any more, so the infection probably gets into the account itself. Either that or they get your login details and spam this stuff using the account. He says he's clicked the links before and nothing bad has happened to him. |
Bussani (14313) | ||
| 724682 | 2008-12-01 18:51:00 | Has he scanned his system for viruses? | Speedy Gonzales (78) | ||
| 724683 | 2008-12-01 22:16:00 | Has he scanned his system for viruses? No idea, I can't get hold of him at the moment. According to our mutual friend he stopped using the account in question for multiple reasons including this, so I think if there is a virus then it's probably in the account itself, if making a new account was enough to get rid of it and leave the old account still spamming the stuff. |
Bussani (14313) | ||
| 724684 | 2008-12-01 22:28:00 | I would scan it now before using it again I dont think changing the name / account will help. If its on the system it needs to be scanned / fixed |
Speedy Gonzales (78) | ||
| 724685 | 2008-12-02 03:18:00 | That's the thing, I'm not sure if it is on his system. He might have just been tricked by a phishing site into giving up his account details so they could use it to spam ads at his contacts. I think this because I found a list of similar sites that get spammed in this manner and a lot of them are phishing ones apparently. It's interesting that beeswax34 thought it was something to do with a Chinese server, as he uses a Chinese version of Windows I believe. I will tell him to do some scans next time I see him anyway. I've done adware and virus scans on my own machine just to be safe and I don't see anything suspicious in a Hijack This scan either, so I think I'm okay. |
Bussani (14313) | ||
| 724686 | 2008-12-03 05:37:00 | I've noticed in my firewall log that my MSN is connecting an unusual amount to a bunch of IPs, such as 72.66.74.49. Most of them are either Microsoft itself or DNS servers I think, but I don't remember it doing this in the past, and it doesn't do it on my laptop. At the moment it's connecting to 72.66.74.49 once every 20 seconds. |
Bussani (14313) | ||
| 724687 | 2008-12-03 05:48:00 | Looks like it belongs to verizon.net | Speedy Gonzales (78) | ||
| 724688 | 2008-12-03 05:57:00 | Looks like it belongs to verizon.net Yep. Do you think that's normal? It's another telecommunication company like some of the others it connects to. |
Bussani (14313) | ||
| 1 | |||||