Sunday, July 15, 2007

Internet: back with another redirection

Same as before, two files, two sites. Same files, different target of redirection link. Looks like some people are persistent. Possible messages of the infected redirection you might see ( replaced the actual url):

  1. :D who is beside you in this pic so good-looking
  2. ;) 1 of my vacation pictures <:-P
  3. hot pics this week :x
  4. ;) 1 of my vacation pictures <:-P
  5. Screenshot of my new Ipod so cool :D
  6. Images shot in Iraq _ The war will never end << :(
  7. :)) I won an iPhone. You will never believe it :O <<
  8. never click into the links like something in this image #:-S !!!
  9. :( the page cannot be displayed Something was wrong !!! Check it again and tell me later. THanks
  10. My pics b-( <<
  11. New game ;;) sexy beach 3 (man only) !!
  12. Do you realize who is in this image: . Just think for a moment and tell me soon ;))

The dude disabled the adbrite click code, but still... he spreads the worm determinated to do something with it. Let's hope the antivirus programmers this time "get the message" and try wipe it out.
The results of the executables, YMworm.exe and worm2007.exe can be viewed here

It sets your home page as

Try clean it with Cwean Antimalware Package, I believe it can do wonders for some infections.

No comments: