Malware foto049.com

[assalychris]

Greetings all,

Someone I know is sending me this e-mail:

>>

Images from this sender are always displayed. Don't display from now on.

hide details 9:32 AM (37 minutes ago)

9:32:08 AM Fotos 27/06 :

Imagens anexadas: DSC_0442.jpg - DSC_0443.jpg - DSC_0444.jpg

Videos Hotmail.com: www.hotmail.com/videos

<<

And when you click on the pictures of course you download some malware called foto049.com

So I am trying to help this person out; here is what I know from the file:

It is downloaded from http://vfoto.fromru.su/foto049.com

It's size is 136 KB

Affecting Windows XP (not sure about Vista) so maybe I should have posted elsewhere o.O

This malware is sent daily to people on his contact list.

Any idea folks?

Thank you!

[CrashG]

Sounds like he is infected and it's hijacked his contact list.

The only way to stop it is:

1) Block his emails

2) Have him get rid of the virus/malware on his coumpter that's causing it.

Avast or Avira

Malwarebytes Anti-Malware and/or SuperAntiSpyware

[assalychris]

Sounds like he is infected and it's hijacked his contact list.

The only way to stop it is:

1) Block his emails

2) Have him get rid of the virus/malware on his coumpter that's causing it.

Avast or Avira

Malwarebytes Anti-Malware and/or SuperAntiSpyware

Thank you for your help.

In my opinion it would be best to create a new e-mail address as well after he cleaned his PC. Any other thoughts?

[greythorne]

Greetings all,

Someone I know is sending me this e-mail:

>>

Images from this sender are always displayed. Don't display from now on.

hide details 9:32 AM (37 minutes ago)

9:32:08 AM Fotos 27/06 :

Imagens anexadas: DSC_0442.jpg - DSC_0443.jpg - DSC_0444.jpg

Videos Hotmail.com: www.hotmail.com/videos

<<

And when you click on the pictures of course you download some malware called foto049.com

So I am trying to help this person out; here is what I know from the file:

It is downloaded from http://vfoto.fromru.su/foto049.com

It's size is 136 KB

Affecting Windows XP (not sure about Vista) so maybe I should have posted elsewhere o.O

This malware is sent daily to people on his contact list.

Any idea folks?

Thank you!

I got this email from a friend of mine too. I clicked on one of the attachements and downloaded to my folder. I downloaded while having Malwarebytes and Avira running but both did not detect it being a malware.....

So my system is infected or not? Maybe a sealth malware??

P.S. ran a full scan using both programs did not detect anything unsual.

[soldier1st]

he should change his password once the pc has been cleaned out. also you could try a-squared and windows defender. also when you launch the downloaded file open process explorer and see what the pc is doing so perhaps it may be a cloaked malware also you could try spyware doctor starter edition.

[CrashG]

Here's a list of AV's and which ones detected it: http://www.virscan.org/report/094f67c2133c...13d24f96be.html

[kimsland]

I downloaded while having Malwarebytes and Avira running but both did not detect it being a malware.....

So my system is infected or not? Maybe a sealth malware??

P.S. ran a full scan using both programs did not detect anything unsual.

Here's a list of AV's and which ones detected it: http://www.virscan.org/report/094f67c2133c...13d24f96be.html

So Avira does detect it as "TR/Dldr.Delphi.Gen"

Please follow this guide in full: Viruses/Spyware/Malware Removal Guide