[ale] odd virus

[Jay Loden]

I realize this is an oldish topic, but I figured it was worth replying 
anyway...

I run an antivirus tool specific to AIM/IM viruses called AIMFix. It removes 
thousands of virus variants, including the one sent to you by your niece. 

Unfortunately, while this may be the first one you've seen, they're far from 
unusual - I've been removing these since 2003 and they've shown no signs of 
slowing. In fact, they've become even mroe common. They are normally adware 
downloaders/spyware installers and usually also include an IRC bot for 
backdoor access. More recent ones are also including rootkits to make them 
almost indetectable via the usual means.

Anyway, you can send your niece to http://jayloden.com/aimfix.htm or just have 
her download AIMFix directly from http://jayloden.com/AIMFix.exe to remove 
the virus and clean the system. In case you're not the trusting type, you can 
take a look at the users page - http://jayloden.com/users.htm - for a list of 
dozens of Universities that use AIMFix, and I've also received the SoftPedia 
"Free&Clean" award for being free of malware three times in a row.

To bring this back on topic...AIMFix is all cross-compiled under Linux using 
mingw, and I do all of my development with vim, cvs and scons. See? It 
involves Linux!

-Jay

On Thursday 22 December 2005 08:59 am, Sean Kilpatrick wrote:
> Just for the record, there is a virus spreading around that
> uses IM to spread the infection.  I haven't seen one like it before.
> I got what follows from a slightly naive/spacey niece who is
> just the sort of person to send out a message like this for real!
> That is, I got fooled and was saved only because this is a linux
> box and it doesn't know what to do with a pif file.
> If I had been paying better attention I might have noticed that the
> time stamp makes no sense as she is in France right now -- at least a
> five hour time difference.