What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » Skype & Technology » Skype & Live Messenger » New Virus: W32/Sumom-A

Pages: (2): « First [ 1 ] 2 » Last »
New Virus: W32/Sumom-A
Author: Message:
WDZ
Former Admin
*****

Avatar

Posts: 7106
Reputation: 107
– / Male / Flag
Joined: Mar 2002
O.P. New Virus: W32/Sumom-A
Apparently there's a new virus spreading through MSN Messenger called W32/Sumom-A, or W32/Crog.worm, or W32.Serflog.A.

Info: http://www.sophos.com/virusinfo/analyses/w32sumoma.html

If you check out the "Advanced" tab of that page, you'll see that the virus actually tries to pose as MsgPlus (Messenger Plus! 3.50.exe)... :dodgy:

More info...
- http://home.businesswire.com/portal/site/google/i...005979&newsLang=en
- http://www.computerworld.com/securitytopics/secur...801,100264,00.html

Someone in my family actually downloaded this virus, and I couldn't identify it until just now. Fortunately it didn't do any damage because it wasn't executed under an admin account, this PC is pretty secure, and I noticed it right away. :p

This post was edited on 03-09-2005 at 04:59 PM by WDZ.
03-08-2005 10:51 PM
Profile PM Web Find Quote Report
toddy
Veteran Member
*****

Avatar
kcus uoy

Posts: 2573
Reputation: 49
– / Male / Flag
Joined: Jun 2004
RE: New Virus: W32/Sumom-A
also.........

quote:
OMG this is... a virus!
OMG this is... a virus!
dwergs says:
     

Judging from the reports, a probable new Bropia variant [see UPDATE #3] is spreading over MSN Messenger like wildfire. If you receive a message similar to: "omg this is funny!" followed by a hyperlink to cute.pif (located at a random domain) do NOT click the link and inform the sender he or she is infected. You can take it as a general rule never to accept or click .pif files.

UPDATE: Sorry for double-posting this. Like Sean advised: "All messers should make sure their anti-virus software is up-to-date."

UPDATE #2: Kara reported the following variation to the message sent: "[domain.com/subdirectory/]omg.pif lol! see it! u'll like it"

UPDATE #3: Yup, it's a Bropia. T, this time, but the breed is better known as Kelvir.a. The text from UPDATE #2 is Kelvir.b. And a third one, Kelvir.c is sending parishilton.pif.

UPDATE #4: The one that comes with the message "haha look at us [domain.net]youandme.pif" is, surprisingly, called W32/Kelvir-D.

[Reported by: Adam, kinky_master!, Mwe99 & TML. And for the updates: Kara, Mr_Nitty, Crucio, Erik and lil't]
03-08-2005 10:54 PM
Profile PM Find Quote Report
~INVASION~
Veteran Member
*****

Avatar

Posts: 1094
Reputation: 29
36 / Male / Flag
Joined: May 2004
Status: Away
RE: New Virus: W32/Sumom-A
Stupid ass virus ppl trying to pose as 3.50. WTF is their problem. what does it say when someone gives u the message in msn? Is it a link or an actual file download?
{WindowsLive Butterfly ~ 2006 - 2009}
03-08-2005 10:56 PM
Profile PM Find Quote Report
Hank
Banned


Posts: 3129
Reputation: 5
– / – / Flag
Joined: Nov 2003
Status: Away
RE: New Virus: W32/Sumom-A
its a download file
03-09-2005 12:49 AM
Profile PM Find Quote Report
albert
Veteran Member
*****

Avatar

Posts: 2247
Reputation: 42
– / Male / Flag
Joined: Feb 2005
RE: New Virus: W32/Sumom-A
Thanks For The Info :)

Appreciate it!! ;-)
03-09-2005 03:42 AM
Profile E-Mail PM Web Find Quote Report
Dane
Non-Elite Member
*****

Avatar
Dont ask to ask, just ASK!

Posts: 1621
Reputation: 52
35 / Male / Flag
Joined: Dec 2002
Status: Away
RE: New Virus: W32/Sumom-A
No One should EVER get Messenger Plus! off of P2P anyway, its just too unsafe.
03-09-2005 09:16 PM
Profile PM Web Find Quote Report
-dt-
Scripting Contest Winner
*****

Avatar
;o

Posts: 1819
Reputation: 74
36 / Male / Flag
Joined: Mar 2004
RE: New Virus: W32/Sumom-A
blah i just find it amazing that the's things work and are spreading because of how hard it is to get the file like you have to
click on the link
download the file
open the file

too much hard work.
[Image: dt2.0v2.png]      Happy Birthday, WDZ
03-09-2005 10:53 PM
Profile PM Web Find Quote Report
Purity
Veteran Member
*****

Avatar
AngelFuck

Posts: 1348
Reputation: 38
34 / Female / –
Joined: Aug 2004
RE: New Virus: W32/Sumom-A
This will give MsgPlus a bad Reputation:dodgy:....
[Image: puritysig8.jpg/]
www.purity.toastednet.org
03-09-2005 11:07 PM
Profile E-Mail PM Web Find Quote Report
Fredzz
Full Member
***

Avatar

Posts: 409
Reputation: 12
37 / Male / –
Joined: Apr 2004
Status: Away
RE: New Virus: W32/Sumom-A
too many virus goin around msn network.. i myself got this one of someone who i have deleted some weeks ago of my list.. but u didnt blocked.. when i got the file i just said : "virus" .. and closed the window.. damn virus!!

.--------------------------------------------------------------------.
| Session Start: Wednesday, March 09, 2005                |
| Participants:                                                                |
|    ...then, you're a part of my imagination (xxx@hotmail.com) |
|    xxx@hotmail.com (crazcat12@hotmail.com)               |
.--------------------------------------------------------------------.
[03:52:33 AM] You have failed to receive file "The Cat And The Fan
              piccy.pif" from crazcat12@hotmail.com.
[03:52:37 AM] You'll become real w: viruuus

This post was edited on 03-10-2005 at 12:35 AM by Fredzz.
Fredzz rox00rz
03-10-2005 12:32 AM
Profile E-Mail PM Find Quote Report
Lt.Col.DraGon
Full Member
***

Avatar

Posts: 437
Reputation: 8
35 / Male / Flag
Joined: Apr 2004
RE: New Virus: W32/Sumom-A
Yea, i got the virus today, but i quickly made a full virus scan in my computer and found like 10 files of w32.summon-A.. I have no idea how i got the virus, but it deleted everything luckily. This is going to affect Msgplus!
03-10-2005 02:03 AM
Profile PM Web Find Quote Report
Pages: (2): « First [ 1 ] 2 » Last »
« Next Oldest Return to Top Next Newest »


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts
HTML is Off
myCode is On
Smilies are On
[img] Code is On