I havn’t yet figured out exactly what this virus is. I think it may be more along the lines of a spyware/adware program than anything else, but it reproduces so quickly that I suspect it may have worm tendencies.
It spreads using AOL Instant Messenger. It might use other programs but so far I can only follow it through AIM. It sends a copy of itself using a link asking people to click it.
EDIT: Link removed by moderator
That is a link to the program. Surprisingly, it’s hosted on a legitimate company’s website, narprail.org. I have dispatched an email to their customer service using their “Contact Us” form to inform them of this file. Hopefully it’s not their own tech guy hosting it.
Can anyone here help me figure out how to tell my contacts about how to remove this program? I am currently not infected because I see these types of things all the time and I know how to avoid them. However, neither avast nor adaware recognizes this file as dangerous, so I don’t know how to clean it off an infected system.
To Strygun: Can you send the file to Alwil for analysis and to include it into next virus database update? (virus (at) avast.com)
To Alwil: Could you protect us from this?
Unfortunatly I have already deleted this file. I found a stinger for this virus on McAfee’s website and used that. However, could you not get the information needed to defend against this worm from Symantec or McAfee?