MSN Messenger Windows Live Messenger Virus/Trojan on the loose. There have been several over the years, but this one seems to be quite popular. The virus basically sends a random message to people in your contacts, with messages like “haha lets hope your parents dont see this picture of you” or “I’ve been editing some pics you should def see em lol!”. The contact will also try to send you a .zip file called ImageXX.zip (where XX is a random number, e.g. “image08.zip”).
If you happen to download the file and open it, you’ll see a file called “imageXX.JPG-www.photobucket.com” or “imageXX.JPG-www.imageshack.com”. Now on first glance it looks like an image that someone downloaded from photobucket.com or imageshack.com. It’s not. The file has a .com extension which is an executable file. Basically if you open it, it attaches itself to your Windows Live Messenger and sends itself to your contacts. If you look at the Chinese Internet Security Response Team website, it says that the virus adds these files to your computer:
- % System%\mdn.exe
- % temp%\imageXX.zip (XX is random digitals, e.g. “image08.zip”)
And adds the following registry keys:
“Machine Debug Mgr” = “mdn.exe”
Your best bet would be to close Windows Live Messenger, delete the above registry keys, restart your computer and then delete the above files. And don’t forget to warn the contact that sent you the virus.