MSN virus

[Jaffa]

Hey.

I'm looking for some information on a possible msn Virus.

Whilst signed in, I received a message off a friend saying: "hey. I look so
cool in this pic "http://www.q8hell.org/NewImage-9.exe ".

I instantly thought, why is this an exe file? But he's a trust worthy mate
and even against my better knowledge I clicked the link and downloaded to my
desktop and tried to run it. Stupid me I know, but I'd never heard of such
msn viruses as I don't use msn so much.

Once the message started repeating itself over and over I figured something
was wrong.

I've tried searching on google but to my amazement, nothing came up.

The file isn't on my desktop or in msn received files. I run Norton Internet
Security 2005 so I hope that caught it, but I don't know.

Any ideas please?

 

[Jari Lehtonen]

Hey.

I'm looking for some information on a possible msn Virus.

Whilst signed in, I received a message off a friend saying: "hey. I look so
cool in this pic "http://www.q8hell.org/NewImage-9.exe ".

I instantly thought, why is this an exe file? But he's a trust worthy mate
and even against my better knowledge I clicked the link and downloaded to my
desktop and tried to run it. Stupid me I know, but I'd never heard of such
msn viruses as I don't use msn so much.

Once the message started repeating itself over and over I figured something
was wrong.

I've tried searching on google but to my amazement, nothing came up.

The file isn't on my desktop or in msn received files. I run Norton Internet
Security 2005 so I hope that caught it, but I don't know.

Any ideas please?

Surely it is a virus, Nod32 named it heuristically as unknown
PE-virus. I am submitting it now to jotti.org to see if some Av
program recognizes it. Kaspersky and McAfee does not find it!

JL

 

[Jari Lehtonen]

Results from viruscan.jotti.org

AntiVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found BehavesLike:Win32.IRC-Backdoor (probable variant)
ClamAV Found nothing
Dr.Web Found Win32.HLLW.ForBot
F-Prot Antivirus Found unknown virus (probable variant)
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
mks_vir Found nothing
NOD32 Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control Found nothing
VBA32 Found nothing

JL

 

[Mat]

This virus bein sent about new msn old msn or both@jaffa?

 

[Jaffa]

I have ver 6.2.

This virus bein sent about new msn old msn or both@jaffa?

 

[Jaffa]

Thanks man. Not quite sure what all that means tho.

But I think I may have got it anyway. I did a search on my computer for the
file "newimage-9.exe" and it was found at "c:\windows\prefetch" so I simply
deleted it.

I actually have another virus on my computer at the moment which Norton
can't delete. So every time I open internet explorer or even windows
explorer I get a Norton pop up telling me about the virus.

I've followed the removal instructions which involves me going into safe
mode and scanning with Norton, but Norton won't open. Comes up with some
error along the lines of "symantec integrator has encountered a
problem......".

Anyway, maybe I'll start a new thread on that if I continue to struggle with
it.

 

[Jari Lehtonen]

I'm looking for some information on a possible msn Virus.
Any ideas please?

F-secure informs that it is a variant of SDbot. Sdbot removal tools
can be freely downloaded from
http://www.f-secure.com/v-descs/sdbot.shtml

JL

 

[Peacekeeper]

F-secure informs that it is a variant of SDbot. Sdbot removal tools
can be freely downloaded from
http://www.f-secure.com/v-descs/sdbot.shtml

JL

Avert when given it says

A.V.E.R.T. Sample Analysis
Issue Number: 1731065
Virus Research Analyst:
Identified: W32/Sdbot.worm.gen.y

AVERT(tm) Labs, Bangalore.

Thank you for submitting your suspicious file

 

[What's in a Name?]

Hey.

I'm looking for some information on a possible msn Virus.

Whilst signed in, I received a message off a friend saying: "hey. I look so
cool in this pic "snipped ".

I instantly thought, why is this an exe file? But he's a trust worthy mate
and even against my better knowledge I clicked the link and downloaded to my
desktop and tried to run it. Stupid me I know, but I'd never heard of such
msn viruses as I don't use msn so much.

Once the message started repeating itself over and over I figured something
was wrong.

I've tried searching on google but to my amazement, nothing came up.

The file isn't on my desktop or in msn received files. I run Norton Internet
Security 2005 so I hope that caught it, but I don't know.

Any ideas please?

You may want to scan your system with a couple of online scanners,I have
links to some on my site.
http://home.neo.rr.com/manna4u/tools.html
-max