batch file that removes the virus: http://www.scriptmarket.co.uk/msnVirusRemoval.zip (download, extract and run, thanks to Billy)

Or so i guess.. it tries to send you a file named “photo album.zip“, it seems like this:

contact says:
HEY lol i’ve done a new photo album !:) Second ill find file and send you it.

contact sends:

photo album.zip (24 KB)

* You have failed to receive file “photo album.zip” from contact.

The contact went offline too soon, i wasn’t able to check the content of the file.. i guess it’s a virus because the contact is italian and has no clue about english

EDIT: IT IS A MSN MESSENGER VIRUS FROM CHINA..

There is a CSIRT (Chinese Internet Security Response Team) solution which site is currently offline but check here: http://www.cisrt.org/enblog/read.php?62 so i’m posting the solution under here:

SOLUTION

1. Delete these registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
ShellServiceObjectDelayLoad]
“rdfhost”
“rdihost”
“rdshost”

(start -> run -> write “regedit” (no quotes), surf trough the directory list on the left and find those files on the right)

2. Restart WINDOWS

3. Delete these files:
%Windows%\photo album.zip
%System%\rdfhost.dll
%System%\rdihost.dll
%System%\rdshost.dll

(you can do this from the command prompt: start -> run -> cmd, del “file” (with quotes) or just find those files in my computer)

Enjoy your chats