"W32.Scrimge.A", a worm that spreads via MSN Messenger



If a message in English suddenly arrives from someone who usually writes in Japanese, it is worth being suspicious.

A worm called "W32.Scrimge.A" that spreads through MSN Messenger (or Windows Live Messenger) has been found. Once a PC is infected, the worm sends an English message and an attachment named "Img1756.zip", which contains the worm body, to the members of the user's own member list.

Details are as follows.
W32.Scrimge.A - Symantec.com Technical Notes

Once "W32.Scrimge.A" is executed, it rewrites the registry of the infected PC and then connects to the domain vpn.basecore.info on port 1863. It seems to do this in order to receive instructions for operations such as sending the following English messages, together with "Img1756.zip" containing the worm body, to the members of the MSN Messenger member list, updating itself, and downloading other files.

* Look @ my cute new puppy :-D
* Look @ this picture of me, when I was a kid
* I just took this picture with my webcam, like it?
* Check it, i shaved my head
* Have u seen my new hair?
* What the fuck, did you see this?
* Hey man, did you take this picture?
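
As an added illustration (not code from the original article or from Symantec), the indicators described above can be turned into a simple log check. The `IM`/`CONN` line format and the sample lines are constructed for this example; only the lure messages, the attachment name, the domain and the port come from the article.

```python
import re
# Indicators taken from the article text above.
LURES = [
    "Look @ my cute new puppy :-D",
    "Look @ this picture of me, when I was a kid",
    "I just took this picture with my webcam, like it?",
    "Check it, i shaved my head",
    "Have u seen my new hair?",
    "What the fuck, did you see this?",
    "Hey man, did you take this picture?",
]
ATTACHMENT = "img1756.zip"  # compared case-insensitively
C2_HOST, C2_PORT = "vpn.basecore.info", "1863"
FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')

def norm(text):
    # Keep only letters and digits so spacing or punctuation drift still matches.
    return re.sub(r"[^a-z0-9]+", "", text.lower())
LURE_KEYS = {norm(s) for s in LURES}

def parse(line):
    # Hypothetical format: KIND key=value key="quoted value" ...
    kind, _, rest = line.partition(" ")
    return kind, {k: (q if raw.startswith('"') else raw) for k, raw, q in FIELD.findall(rest)}

def classify(line):
    # Return the reasons a log line matches the behaviour described in the article.
    kind, f = parse(line)
    hits = []
    if kind == "IM":
        if norm(f.get("msg", "")) in LURE_KEYS:
            hits.append("lure-text")
        if f.get("file", "").lower() == ATTACHMENT:
            hits.append("attachment-name")
    elif kind == "CONN":
        # Port 1863 alone is ordinary Messenger traffic; the destination is what matters.
        if f.get("dst", "").lower().rstrip(".") == C2_HOST and f.get("dport") == C2_PORT:
            hits.append("c2-destination")
    return hits

# Constructed log lines in the hypothetical format above.
SAMPLE = [
    'IM from=friend@example.test msg="Look @ my cute new puppy: - D" file=Img1756.zip',
    'IM from=friend@example.test msg="See you at 7?"',
    'CONN src=10.0.0.5 dst=vpn.basecore.info dport=1863',
    'CONN src=10.0.0.5 dst=messenger.example.test dport=1863',
]
if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line), line)
```

A message that matches both the lure text and the attachment name is a much stronger signal than either alone, since a variant could change the file name while reusing the messages.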


Symantec rates this worm at risk level 1 (almost no impact), perhaps because it does not destroy the machine itself. However, considering the possibility of variants appearing and how readily it spreads, it seems best to stay cautious. If you do get infected, see the link below for how to remove it.

W32.Scrimge.A - Symantec.com Removal method

in Software, Posted by darkhorse_log