Thought all Messenger worms were rooted out? Think again: they're still running rampant. Recent reports include a worm that spreads as a file transfer named imageXX.zip (e.g. image13.zip) and drops rpmsvc.exe when the file imageXX.JPG-www.photobucket.com inside the zip is executed. Despite the picture-like name, the .com ending makes that file an executable program, not an image. The file transfer is usually preceded by one of the following messages:
This picture isnt you... right?
newest pics for ya
hey did i ever show you this picture of me?
is it ok if I add this pic to my new slideshow?
can i up some of these pics of ya to my myspace profile?
Wow i think i found your pic on myspace!
hah I think I found an old pic of us!
haha lets hope your parents dont see this picture of you
you care if i put this pictuer of you in my new album?
OMFG!!!!!!!!
wow! look at this old picture i found
sorry about the messup i fixed the pic! Try it one more time pz
is this pic tooo sexy for photobucket??
>> You can find a complete list here.
If you're one of the unfortunate victims who accepted the transfer and opened it, here are the removal instructions:
1) Run regedit.exe and delete the following registry entry:
   Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   Value: "Remote Terminal Service" = "rpmsvc.exe "
2) Restart Windows.
3) Delete the virus files:
   %System%\rpmsvc.exe (Read-only, System and Hidden attributes)
   %temp%\imageXX.zip
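The three steps above can also be checked from an elevated PowerShell prompt. The script below is an added example, not part of the original post or the C.I.S.R.T. report. It assumes that %System% means the Windows system directory and that "XX" stands for digits; the -Remove switch is this example's own parameter.

```powershell
# Added example: checks for the artifacts named in the removal steps above.
# Report-only by default; pass -Remove to delete what it finds.
param([switch]$Remove)

$runKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'Remote Terminal Service'
# Assumption: %System% in the write-up means the Windows system directory.
$dropped   = Join-Path ([Environment]::SystemDirectory) 'rpmsvc.exe'
$findings  = @()

# Step 1: the autorun value. It is always reported, but only deleted when its
# data really points at rpmsvc.exe, so an unrelated value of that name survives.
$run = Get-ItemProperty -Path $runKey -Name $valueName -ErrorAction SilentlyContinue
if ($run) {
    $data = [string]$run.$valueName
    $findings += "Run value '$valueName' = '$data'"
    if ($Remove -and $data -match '\brpmsvc\.exe\b') {
        Remove-ItemProperty -Path $runKey -Name $valueName
    }
}

# Step 3: rpmsvc.exe carries Read-only, System and Hidden attributes, so -Force
# is needed to see it, and the attributes are cleared before deleting.
$targets = @(Get-Item -LiteralPath $dropped -Force -ErrorAction SilentlyContinue)
# Assumption: "XX" in imageXX.zip stands for digits, as in image13.zip.
$targets += Get-ChildItem -LiteralPath $env:TEMP -Filter 'image*.zip' -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match '^image\d+\.zip$' }

foreach ($f in $targets) {
    $findings += "File $($f.FullName) [$($f.Attributes)]"
    if ($Remove) {
        try {
            $f.Attributes = 'Normal'
            Remove-Item -LiteralPath $f.FullName -Force -ErrorAction Stop
        } catch {
            # A running copy keeps the file locked; that is why step 2 is a restart.
            $findings += "  could not delete (restart Windows, then run again): $($_.Exception.Message)"
        }
    }
}

if ($findings) { $findings } else { 'No artifacts from the removal steps were found.' }
```

Run it once without -Remove to see what is present, then with -Remove, and again after the restart if rpmsvc.exe could not be deleted the first time.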
Another worm, dubbed Warezov.* (or Stration), is spreading through the following link, which triggers the download of photo.exe:
http://.ladetuirunhandesuijin.com/ar31/49
So whatever you do, don't click it!
[Source: C.I.S.R.T.]