mailing list archives
re: New Virus?
From: "meowbaby" <9mv7615ts9er3rg8tr2hjn02 () sneakemail com>
Date: 29 Jun 2005 02:01:10 -0000
McAfee says it's one of the Bagle variants.. Virus Profile: W32/Bagle.dldr
-- Update 27 June, 2005--
The spamming from yesterday continue today, with filenames such as:
The typical subject line of these messages is "The picture is sent on SMS"
Detection requirements for these 2 files is the same as yesterday, DAT version 4522.
Note: Stinger has not been updated for either of these two spammings, as these two updates were not classified as
Medium or above severity.
-- Update 26 June, 2005--
There was another round of mass-spamming, of a new Bagle downloader. Messages may contain an attachment with one of
the following names:
The ZIP files contain a file named f22-013.exe (36,864 bytes)
This new variant is detected in the 4522 DAT files.
I'd try Housecall(trend micro) or Mcafee online scanners to see if they can rid you of the pestilence, in Safe Mode
with Networking mode.. before formatting/reinstalling.
-------------------- BEGIN SNIP---------------------
As you can guess, I'm hamish1 () webhosting net nz
This email contained no text, only an attachment called legs.zip, which
Norton (fully updated to its' latest version and data files) did not detect
any viruses in.
Within the legs.zip file there is a file called ds-rwe.exe - this again was
not detected as a virus.
My girlfriend thought she would be smart and ran ds-rwe.exe, which gave me a
memory overflow message for explorer.exe immidiately.
Does anyone have any idea of what this might be, and also if it is a virus
that has already been identified? If not, I am willing to pass it through to
someone to take a look at in its' zip format.
Otherwise if the effects cannot be reversed, I am afraid I will have to
reformat this machine *sigh* NOT AGAIN :(
Have a great day everyone and thanks in advance for your help.
-------------------- END SNIP-----------------------
- Re: New Virus?, (continued)