Apparently there's a new virus spreading through MSN Messenger called W32/Sumom-A, or W32/Crog.worm, or W32.Serflog.A.

Info: http://www.sophos.com/virusinfo/analyses/w32sumoma.html

If you check out the "Advanced" tab of that page, you'll see that the virus actually tries to pose as MsgPlus (Messenger Plus! 3.50.exe)...

More info...
- http://home.businesswire.com/portal/site/google/i...005979&newsLang=en
- http://www.computerworld.com/securitytopics/secur...801,100264,00.html

Someone in my family actually downloaded this virus, and I couldn't identify it until just now. Fortunately it didn't do any damage because it wasn't executed under an admin account, this PC is pretty secure, and I noticed it right away.

also.........

quote:

---

OMG this is... a virus!
OMG this is... a virus!
dwergs says:
     

Judging from the reports, a probable new Bropia variant [see UPDATE #3] is spreading over MSN Messenger like wildfire. If you receive a message similar to: "omg this is funny!" followed by a hyperlink to cute.pif (located at a random domain) do NOT click the link and inform the sender he or she is infected. You can take it as a general rule never to accept or click .pif files.

UPDATE: Sorry for double-posting this. Like Sean advised: "All messers should make sure their anti-virus software is up-to-date."

UPDATE #2: Kara reported the following variation to the message sent: "[domain.com/subdirectory/]omg.pif lol! see it! u'll like it"

UPDATE #3: Yup, it's a Bropia. T, this time, but the breed is better known as Kelvir.a. The text from UPDATE #2 is Kelvir.b. And a third one, Kelvir.c is sending parishilton.pif.

UPDATE #4: The one that comes with the message "haha look at us [domain.net]youandme.pif" is, surprisingly, called W32/Kelvir-D.

[Reported by: Adam, kinky_master!, Mwe99 & TML. And for the updates: Kara, Mr_Nitty, Crucio, Erik and lil't]

---

Stupid ass virus ppl trying to pose as 3.50. WTF is their problem. what does it say when someone gives u the message in msn? Is it a link or an actual file download?

its a download file

Thanks For The Info

Appreciate it!!

No One should EVER get Messenger Plus! off of P2P anyway, its just too unsafe.

blah i just find it amazing that the's things work and are spreading because of how hard it is to get the file like you have to
click on the link
download the file
open the file

too much hard work.

This will give MsgPlus a bad Reputation....

too many virus goin around msn network.. i myself got this one of someone who i have deleted some weeks ago of my list.. but u didnt blocked.. when i got the file i just said : "virus" .. and closed the window.. damn virus!!

.--------------------------------------------------------------------.
| Session Start: Wednesday, March 09, 2005                |
| Participants:                                                                |
|    ...then, you're a part of my imagination (xxx@hotmail.com) |
|    xxx@hotmail.com (crazcat12@hotmail.com)               |
.--------------------------------------------------------------------.
[03:52:33 AM] You have failed to receive file "The Cat And The Fan
              piccy.pif" from crazcat12@hotmail.com.
[03:52:37 AM] You'll become real w: viruuus

Yea, i got the virus today, but i quickly made a full virus scan in my computer and found like 10 files of w32.summon-A.. I have no idea how i got the virus, but it deleted everything luckily. This is going to affect Msgplus!

I'm hoping that there is an end to this MSN Messenger virus madness in sight.  Patchou should appeal to Neowin and other sources to publish warnings about MsgPlus 3.50 not being released yet and the virus impersonating it.