Re: New Virus?
From: ChayoteMu (chayotemu_at_gmail.com)
Date: 06/29/05
- Previous message: Justin Gill: "Re: New Virus?"
- In reply to: Hamish Stanaway: "New Virus?"
- Next in thread: meowbaby: "re: New Virus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Jun 2005 18:49:39 -0700 To: Hamish Stanaway <koremeltdown@hotmail.com>
I did a google search for *rwe.exe and found that it's a known virus.
Here's the info from McAfee on it:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=129512
On 6/27/05, Hamish Stanaway <koremeltdown@hotmail.com> wrote:
> Hey there everyone,
>
> I recieved a mysterious email this morning at 1728 GMT which had headers as
> follows:
>
> Return-path: <hamish1@voyager.co.nz>
> Envelope-to: hamish1@webhosting.net.nz
> Delivery-date: Tue, 28 Jun 2005 05:22:44 +1200
> Received: from [217.125.252.60] (helo=david.org)
> by fearless.absolutewebhosting.biz with smtp (Exim 4.24)
> id 1DmxJg-0003ou-Rg
> for hamish1@webhosting.net.nz; Tue, 28 Jun 2005 05:22:41 +1200
> Date: Mon, 27 Jun 2005 19:20:42 +0100
> To: "Hamish" <hamish1@webhosting.net.nz>
> From: "Hamish" <hamish1@voyager.co.nz>
> Subject: The picture is sent on SMS
> Message-ID: <pvkpnopcnwraqblcgfg@webhosting.net.nz>
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="--------hukvuvgobciyuhmojdug"
>
> -------------------- END SNIP-----------------------
>
> As you can guess, I'm hamish1@webhosting.net.nz.
> This email contained no text, only an attachment called legs.zip, which
> Norton (fully updated to its' latest version and data files) did not detect
> any viruses in.
> Within the legs.zip file there is a file called ds-rwe.exe - this again was
> not detected as a virus.
> My girlfriend thought she would be smart and ran ds-rwe.exe, which gave me a
> memory overflow message for explorer.exe immidiately.
> Does anyone have any idea of what this might be, and also if it is a virus
> that has already been identified? If not, I am willing to pass it through to
> someone to take a look at in its' zip format.
> Otherwise if the effects cannot be reversed, I am afraid I will have to
> reformat this machine *sigh* NOT AGAIN :(
> Have a great day everyone and thanks in advance for your help.
>
>
> Kindest of regards,
>
> Hamish Stanaway, CEO
>
> Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
> Auckland, New Zealand
>
> http://www.webhosting.net.nz
> http://www.buywebhosting.co.nz
> http://www.koreworks.com
>
>
>
-- "To catch a theif, think like a theif. To catch a master theif, be a master theif."
- Previous message: Justin Gill: "Re: New Virus?"
- In reply to: Hamish Stanaway: "New Virus?"
- Next in thread: meowbaby: "re: New Virus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
