Thursday, April 17, 2008

HELP!!!

To our family and friends out there,

I just use Yahoo Messenger to talk to a family member, and when I do I use my wife's YM account. Tonight I was amused when I received this message in the INBOX:

"Loi em noi cho tinh chung ta, nhu doan cuoi trong cuon phim buon. Nguoi da den nhu la giac mo roi ra di cho anh bat ngo... http://nhatquanglan.xlphp.net"

"Tra lai em niem vui khi duoc gan ben em, tra lai em loi yeu thuong em dem, tra lai em niem tin thang nam qua ta dap xay. Gio day chi la nhung ky niem buon... "

It read like a foreign language or a coded message. I took the path of lesser resistance and assumed that it's a foreign language (ang hirap mag break ng coded message).

That's why I googled the whole paragraph.

It turned out that it's a sweet, Vietnamese Poem. Translated in english it means...

"Give me back the happiness of when i'm next to you.
Give me back the words I love you.
Give me back the memories we've built these years gone by.
Now, it's just sad memories."

when GOOGLE came up with dozens of pages with almost similar vietnamese lines, quoted in verbatim, I knew I'm in deep crap because that's the hallmark of a MALICIOUS PROGRAM!

True enough, I found this blog...

http://blog.norfaiz.com/

and it contains this entry...

"W32.Svich is a worm that spreads through Yahoo! Messenger and by copying itself to all drives. It also downloads potentially malicious files and lowers security settings on the compromised computer.

Category: Worm

Risk Level: Low

Related Files and Process:

* %System%\autorun.ini
* %System%\SSVICHOSST.exe
* %Windir%\Tasks\At1.job
* %Windir%\SSVICHOSST.exe
* [DRIVE LETTER]:\New Folder.exe
* [DRIVE LETTER]:\SSVICHOSST.exe
* %System%\check01.exe
* %System%\check02.exe
* %System%\check03.exe

Symptoms: This worm can send these messages to its contact:

* E may, vao day coi co con nho nay ngon lam [http://]nhatquanglan1.0catch.com
* Vao day nghe bai nay di ban http://nhatquanglan1.0catch.com
* Vao day nghe bai nay di ban http://nhatquanglan1.0catch.com
* Biet tin gi chua, vao day coi di http://nhatquanglan1.0catch.com
* Trang Web nay coi cung hay, vao coi thu di http://nhatquanglan1.0catch.com
* Toi di lang thang lan trong bong toi buot gia, ve dau khi da mat em roi? Ve dau khi bao nhieu mo mong gio da vo tan… Ve dau toi biet di ve dau? “http://nhatquanglan1.0catch.com”
* Khoc cho nho thuong voi trong long, khoc cho noi sau nhe nhu khong. Bao nhieu yeu thuong nhung ngay qua da tan theo khoi may bay that xa… http://nhatquanglan1.0catch.com
* Tha nguoi dung noi se yeu minh toi mai thoi thi gio day toi se vui hon. Gio nguoi lac loi buoc chan ve noi xa xoi, cay dang chi rieng minh toi… http://nhatquanglan1.0catch.com
* Loi em noi cho tinh chung ta, nhu doan cuoi trong cuon phim buon. Nguoi da den nhu la giac mo roi ra di cho anh bat ngo… http://nhatquanglan1.0catch.com
* Tra lai em niem vui khi duoc gan ben em, tra lai em loi yeu thuong em dem, tra lai em niem tin thang nam qua ta dap xay. Gio day chi la nhung ky niem buon… http://nhatquanglan1.0catch.com

Source: Symantec"

I have no idea what the rest of the vietnamese message says. I'm sure it's beautiful... And I DON'T GIVE A FLYING F@c&

I just want to know the easiest way to remove this worm from the laptop's system. so

HELP!!!


PLEASE TAKE NOTE OF THIS:

If you USE Yahoo! Messenger
And you receive a Message in VIETNAMESE from a Loved One whom you know does not speak the language,
DO NOT OPEN IT!!!

4 comments:

Rudy said...

Pards, the best solution is to reformat your hard drive to rid yourself of this pest. Anti virus programs can only do so much...

tin-tin said...

lagi ako nakakareceive nyan. dinedelete ko lang. sorry, i don't know how to help

atticus said...

kung ako ang tatanungin mo...walang pag-asa. parang inutusan mo akong magluto ng adobo.

ask angel. she's my pc angel. she's my expert. she's my go-to girl.

just don't tell her i said that. walang humility ang batang iyon.

beatburn said...

kawawa naman pc mo.

right reformatting is a good suggestion. then make partitions in your hardrive one for programs and one for your files.

use a good antivirus software like kaspersky or norton.

Letters to my kids about their childhood adventures



To Sage, Sabe, Sade & 3Stan

To Sage, Sabe, Sade & 3Stan
WELCOME!