1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Msn Wode virus removal

Discussion in 'Virus & Other Malware Removal' started by Raze, Sep 22, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. Raze

    Raze Thread Starter

    Joined:
    Sep 22, 2004
    Messages:
    3
    1. press cntrl + alt + delete to get the task manager. click the "processes" tab and close these files: moniker.exe, syslray.exe, hkt1.dll

    2. go to the start menu. click on "run." once its open type in regedit

    3. under the regedit window, use the explorer to the left to open HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    4. find and delete realone_nt2003, realone_2004

    5. find the c:\windows\system32\ folder on your comp. Delete moniker.exe, syslray.exe, and hkt1.dll

    6. close msn messenger via the system tray and re-open.

    --

    Lemme know of any suggestions or problems w/this solution.
     
  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Hi Raze

    Welcome to TSG! :)

    Are you saying that you are infected with this? :confused:
     
  3. Raze

    Raze Thread Starter

    Joined:
    Sep 22, 2004
    Messages:
    3
    Hey flrman1 and TSG forum,

    Thankfully I've not been infected by the wode virus. I've recieved about 20 complaints from my MSN buddy list from Europe, Latin America, and the MidEast. Deducing from my contact list, it doesn't appear that the virus has spread to the US region yet. The benign virus simply attaches the following message to a host computer's MSN Messenger messages (** WARNING** DO NOT FOLLOW LINK, IT LEADS TO ACTIVE VIRUS): "如果您寂寞、空虛...http://www.xf2s.com/msn/wode.jpg&#3...#22899;優]" The link is of a jpeg featuring a chinese celebrity of some sort, and of course, the virus.

    Here is the fault that the virus exploits:

    http://www.microsoft.com/security/bulletins/200409_jpeg.mspx
    "September 2004 Security Update for JPEG Processing (GDI+)
    The GDI+ security update for September 2004 addresses newly discovered issues in JPEG processing technology. This issue affects software that supports this image format, including some versions of Microsoft Windows, Microsoft Office, and Microsoft developer tools. If you have any of the listed software installed on your computer, you should install the related update."

    I found the solution and description on http://linkopedia.245corp.com/virus-msn-wode-moniker.htm and used common sense to translate it into english.

    Ramy Alani
     
  4. gata_negra

    gata_negra

    Joined:
    Sep 20, 2004
    Messages:
    8
    With this info now i know how to help my contacts without doing so many steeps, altough is good to know both ways.

    Thanks for posting the links.
     
  5. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/277000

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice