Shoutbox

I was just sent this

Mnjul Edit: Attachment removed for it contains link to (possible) virus

i clicked the link and it sent me to download the shown file...  just a warning

Thank you for reporting this.  I have forwarded this file to Symantec Security Response, Microsoft OneCare and McAfee WebImmune and will let you know what happens.

Glad to be a help.

Can i ask a few questions on the virus please?

- Did your contact see the message too?
- Did he accidentally send it?
- Is anyone else having it? (It could be just his PC)
- Was he a close contact or just random pop up?

Thanks

quote:

---

Originally posted by mwe99
Can i ask a few questions on the virus please?

- Did your contact see the message too?
- Did he accidentally send it?
- Is anyone else having it? (It could be just his PC)
- Was he a close contact or just random pop up?

Thanks

---

- Not sure, she wasn't home when it was sent
- Yeah.. i guess, she didn't mean to because her messenger at home is locked and she was with me
- No clue
- ex-girlfriend

quote:

---

Originally posted by jow cool

quote:

---

Originally posted by mwe99
Can i ask a few questions on the virus please?

- Did your contact see the message too?
- Did he accidentally send it?
- Is anyone else having it? (It could be just his PC)
- Was he a close contact or just random pop up?

Thanks

---

- Not sure, she wasn't home when it was sent
- Yeah.. i guess, she didn't mean to because her messenger at home is locked and she was with me
- No clue
- ex-girlfriend

---

Haha... ex-girlfriend ... Of course ... I guess if she was with you she didn't do it on purpose lol... Just kidding of course... But I'll make sure I watch out for something like that... Thanks for reporting!

quote:

---

Originally posted by McAfee WebImmune

Virus Research Analyst - Tokyo Japan: T. Goto
Identified: W32/Sdbot.worm.gen

---

You're infected with W32.SDBOT.Worm.Gen, according to McAfee.  Symantec has yet to return my email, along with Windows OneCare.

Install this EXTRA.DAT (Unzip it first) in your McAfee Program Files directory to get protected from this threat.

I didn't download the file, but thanks for that, I downloaded it anyways
EDIT: that sounds confusing, I downloaded YOUR file, but not the VIRUS

quote:

---

Originally posted by jow cool
I didn't download the file, but thanks for that, I downloaded it anyways

---

it's always better to be safe. You might have not accepted the file, but it could have already started downloading

quote:

---

Originally posted by Symantec Security Response

We have analyzed your submission.  The following is a report of our
findings for each file you have submitted:

filename: IMG000583.com
machine: HOME
result: This file is infected with W32.Randex

Developer notes:
IMG000583.com is non-repairable threat.  NAV with the latest rapidrelease definition detects this.  Please delete this file and replace it if neccessary.  Please follow the instruction at the end of this email message to install the latest rapidrelease definitions.

Symantec Security Response has determined that the sample(s) that you provided are infected with a virus, worm, or Trojan. We have created RapidRelease definitions that will detect this threat. Please follow the instruction at the end of this email message to download and install the latest RapidRelease definitions.
Symantec is now building a new set of definitions to include the threat you have submitted. The approximate time to complete this process is one hour. We recommend checking the ftp site periodically over the next 60 to 90 minutes to download these definitions as soon as they are available.

Downloading and Installing RapidRelease Definitions:
1. Open your Web browser. If you are using a dial-up connection, connect to any Web site, such as:  http://securityresponse.symantec.com/
2. Copy and paste the address ftp://ftp.symantec.com/public/english_us_canada/a...drelease/sequence/ into the address bar of your Web browser and then press Enter.(this could take a minute or so if you have a slow connection)
3. Now select 47088 folder or a higher. Open the folder.
4. Select the file symrapidreleasedefsi32.exe
5. When a download dialog box appears, save the file to the Windows desktop.
6. Double-click the downloaded file and follow the prompts.

---

Symantec will include this definition in NEXT WEDNESDAYS Virus Definition set OR tommorows Intelligent Updater.

Windows OneCare prolly wont include a def.