Picture_dl.exe - beware of viruses being spread via Facebook

 
|

Picture_dl.exe - beware of viruses being spread via Facebook

If you received a notification email from Facebook, notifying you that your friend “SOME FACEBOOK FRIEND” left a new message for you. This seemed to be OK until if you read the message:

“hello ‘USER“, hehe.. you could be tht naughty i didnt know… really hard to see taht from my eyes lol :-)
have a luk urself…
http://www.google.com.id.ewv1g6d2.ij4s0h.2b99df1a.cn/gallery.php?id=dd82hikzt&auth=9490559&cyua=iy2qpfgelm
(click open or run when prompted)”

The contents of the message apeat suspiciously similar to the virus messages. Another look at the URL revealed  that this is not a Google url,

site is:

http://www.google.com.id.ewv1g6d2.ij4s0h.2b99df1a.cn

( CN = China domain )

but a phishing site. If you followed the url, the link goes to a download page of Picture_dl.exe, which is some kind of a virus/worm or spyware.

Tags: , , , , ,
Posted under Bila neagra, Etc, Tech, Web, Windows |

3 Responses to “Picture_dl.exe - beware of viruses being spread via Facebook”

  1. By el_nacho on Aug 15, 2008 | Reply

    @Afro,

    I definitely got this virus but I can’t find the splm folder or the ncsjapi32 file anywhere.

  2. By Afro83 on Aug 9, 2008 | Reply

    delete this file on your computer.
    C:\windows\system32\splm\ncsjapi32.exe
    then search for any instance of picture_dl and delete them too. you are cured.

  3. By razor on Aug 7, 2008 | Reply

    I was half asleep and did click on the link.
    It showed me some sort of e-card greeting and then the system started to semi-crash.

    Running virus scanners now to clear it.
    Hopefully it works. I’ll keep updated.

Post a Comment

Olympics 2008 TV Schedule - NBC TV »
« Paris Hilton Runs for US President, Video Responds to McCain Ad