MSN variant of the worm is still updating daily.
We now have a new one. The file name is “imageXX.zip” (XX is random digital, as image41.zip). In the. Zip, is a. Com file “imageXX.JPG-www.photosmart.com” (XX is random digital, as image41.JPG-www.photosmart.com). Make sure these files.
The collection of this variant through the mail. Zip to your contact list in MSN:
Filename: imageXX.zip (imageXX.JPG-www.photosmart.com)
Size: 60,928 bytes
MD5 hash: b18cc1ed9eac567af78e58f769b2e813
Detection: Trojan-Downloader.Win32.Injecter.n (Kaspersky)
Details:
(1) Drop the zip file and copy in the following folder.
%System%\nvsvc64.exe
%temp%\XX.exe
%temp%\imageXX.zip (XX is random digitals, for example, “image41.zip”)
(2) Adds the following registry keys.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
“nVidia Display Driver” = “nvsvc64.exe”
(3) Sends out the messages.
This picture isnt you… right?
Wow i think i found your pic on myspace!
hah I think I found an old pic of us!
haha lets hope your parents dont see this picture of you
hey did i ever show you this picture of me?
is it ok if I add this pic to my new slideshow?
can i up some of these pics of ya to my myspace profile?
you care if i put this pictuer of you in my new album?
sry about the messup i fixed the pic! Try it one more time pz
is this pic tooo sexy for photobucket??
wow I just dyed my hair… You will never believe the color it is now. lol And dont laugh
my crazy sister wants u to see these pics for some reason… take a look
OMFG!!!!!!!!
wow! look at this old picture i found….
wanna see this pic of my Boobs?
Can i put this pic of you into my new myspace album?
Take a look at the new pics already! :p
I cant believe they wanted me to upload this picture to facebook lol. Its terrible. Like my outfit tho?
Lmfao hey im sending my new pictures! Check em out!
I’ve been editing some pics you should def see em loL! accept
Can you believe somone actually wears this size bra? I could use it for a Tent.
haha, this guy up my street just slammed his $90k car into a telephone pole! I got a pic of it with my cellphone
dude i just got these pictures off my digital for you! Gimme a moment to find em and send
Wanna see my pics before i send em to facebook?
do you think this picture is too kinky for Myspace?
OMG just accept please its only some pics!!
Hey accept my pictures, i got a bunch from when i was like a toddler :X
I think this picture is terrible. but my friends on myspace want to see it. please dont show noone.
Hey just finished new myspace album!theres a few kinky ones in there!
OMG, i found ur pic on cuteornot.com! Check it out!!!
Have you seen me Naked Yet
ok, I DO NOT like my new hair color.. but people on facebook do. what do you think? And no laughing! lol
hey you got a myspace album? anyways heres my new myspace album
do I look dumb in this picture? I want to put it on myspace.
hey man accept my pics.i just edited it to look maad funny..
Dude i found your picture on hotornot.com! Take a look!
How to remove?
STEP 1
Delete registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
“nVidia Display Driver” = “nvsvc64.exe”
STEP 2
Restart WINDOWS
STEP 3
Delete virus files:
%System%\nvsvc64.exe
%temp%\imageXX.zip
%temp%\XX.exe
