My girlfriend caught a virus using live messenger recently on my laptop that prevents her from receiving messages, and spams all of her contacts with an inticing message to look at some pic with a link that when clicked infects their computers with the virus. Running McAfee antivirus detects the virus in the file berikeki.dll and removes it, however, it comes back when restarting Windows or Messenger.
I would like the McAfee Antivirus team to update the McAfee Antivirus to enable it to properly/permantly remove this virus.
What is the status on this issue? Is anyone on the anti-virus team working on this?
Here's another example:
This is the ugliest picture I've ever seen in my entire lfe! You've got to see it. hxxp://img049.dlimageshack.info:89/img049/3741/DSC-NewPhoto003.JPEG.xxx
Message was edited by: Samantha Price - link edited on 21/01/10 04:59:00 CSTMessage was edited by: Mark (secured2k) live malware link removed on 1/21/10 2:30:55 PM EST
Please do not post live links to malware on this site. If someone accidentally clicks on them they risk infecting their machine too.
Our sample submission process is staed on the webpage I mentioned above.
The previous malware links are detected by Artemis and have many aliases. One of the more common ones is "VBInject" or "Injector". Chances are the file that is being detected and removed is being downloaded again by another program or module hiding inside a legitimate program. As Samantha Price stated before, the best way to get a sample to McAfee for an extra.dat and future detection in the main DAT set is to submit the questionable file to McAfee WebImmune.