Instant Messanger Virus (NEW?) [Archive]

View Full Version : Instant Messanger Virus (NEW?)

Nohosioko

2007-07-09, 02:13

Apperantly theres a new virus going around that steals your username and password for an Instant Messanger (i've only seen it on MSN messenger).

The Virus sends a message similar to "Here are my pictures from my vacation" or "Hey check out some pictures of my workspace" then they'll send a file called "myalbum2007.rar (52KB)". They will aslo somtimes advertise viagra 40% off, or somthing similar to that.

If possable could you guys make it detecable and fixable, so far me and two of my friends have been infected by this virus.

Nohosioko

2007-07-09, 02:35

Sorry for the double post i don't know where the edit button is. EDIT: ok nevermind you can't edit the first post of a thread

after you unzip myablum2007.rar it becomes "photo album-2007.screen saver (52 KB)", oh and sorry I accedently deleted the one I have, I was thinking of openning it with note pad and looking at its code (if thats even possable) and posting it here, with you permission.

tashi

2007-07-09, 04:49

Hello.

In future if you find infected file/s, please zip and send to: detections(AT)spybot.info (Replace AT with @)

Do you have an updated anti virus program installed, and have you confiqured MSN to use that resident AV?

Infections are quite common where file sharing is involved, or when someone sends a live link to a malicious site.

Nohosioko

2007-07-16, 07:27

oh sorry I kinda forgot about this, but anyways since I only have hot mail i can't send you the file, but i've found out where the virus is.

the script file is located at C:\WINDOWS\system32\sysprinters.dll

and the virus file is located at C:\WINDOWS\myalbum2007.rar

tashi

2007-07-16, 08:04

Hello.

Do you have an updated anti virus program installed, and have you confiqured MSN to use that resident AV? ;)

If you still have the infection on the PC, please follow the procedure in this link which includes running an on-line anti virus scan:
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) A helper will advise you.

Regards. :)

Alotest

2007-08-06, 15:09

After I read this somebody tryed sending me this file. Wierd :P