user13774
Disabled Account
Posts: 1119
Joined: Apr 2003
Status: Away
|
RE: Webcam_015.pif -- Virus??
From mess.be:
quote:
WARNING: Bropia.A, a new MSN Messenger worm on the loose!
Based on numerous reports from messers, a new virus seems to be propagating itself rapidly through MSN Messenger.
F-Secure identifies the worm as Bropia.A, other antivirus software (like including Kaspersky) labels it IM-Worm.Win32.VB.a.
When received and executed by the victim, the worm places itself in the C directory with a random filename like:
sexy_bedroom.pif
drunk_lol.pif
naked_party.pif
webcam_(random number).pif
love_me.pif and similar looking names.
It then automatically sends itself to active MSN Messenger contacts. It also drops and executes oms.exe, a variant of Rbot, which copies itself as lexplore.exe and adds two registry keys so it will be executed at next system startup. The bot can be used as a backdoor, logging keystrokes, relaying spam and for various other purposes and is therefor a huge security threat to your system. Brobia.A can also disable mouse right button and manipulate Windows mixer volume settings.
![[Image: attachment.php?pid=365280]](http://shoutbox.menthix.net/attachment.php?pid=365280)
If you receive a file transfer request for such a file, press ALT-D or click Decline. Don't ever execute the file. If you did, delete the file immediately and permanently from your system (My Received Files and C drive) and take necessary security measures. For more information, visit F-Secure.
 Attachment: bropia-a-worm.gif (1.85 KB)
This file has been downloaded 429 time(s).
|
|
