Avast WEBforum
Other => Viruses and worms => Topic started by: JuninhoSlo on February 10, 2010, 06:21:00 PM
-
Hi :)
I have big problem,my friend wants to harm my computer? My friend gave me a link to a picture, but is blocked by Avast,when I ask my friend why he doing this I get no answer.
Picture:hxxxxp://lmaoimages.com/image.php?=juninhoslo@hotmail.com
Virustotal:http://www.virustotal.com/sl/analisis/11c2462c493d9c0680e5028bea106f7514a7c0c89747caeea0182b876ffa37f9-1265821845
Camas.comodo:http://camas.comodo.com/cgi-bin/submit?file=11c2462c493d9c0680e5028bea106f7514a7c0c89747caeea0182b876ffa37f9
Should I send this picture for analysis?
Thx and have a nice day. :)
-
when I ask my friend why he doing this I get no answer.
hmmm......does not sound like a friend...... >:(
-
oohhh that's really nasty :o tell him/her that he/she's not your friend anymore :D
-
How was the link sent ?
How do you know it is from your so called friend, emails/messages are easily forged ?
Commonly this is an infected system sending out emails, using the address book/contacts for the To and From addresses.
If you know it is from him for sure, report him to his ISP.
-
How was the link sent ?
How do you know it is from your so called friend, emails/messages are easily forged ?
Commonly this is an infected system sending out emails, using the address book/contacts for the To and From addresses.
If you know it is from him for sure, report him to his ISP.
How was link sent?Link was sent via MSN.
Which website should I choose? http://www.google.com/webhp?hl=en#hl=en&source=hp&q=What+is+ISP%3F&aq=f&aqi=g10&oq=&fp=c26c79a56c95bda8
Should I send this picture for analysis?
Have a nice day :)
-
If they are using an MSN account to send the link then report it to MSN.
Secondly this isn't actually an image but a php file called image.php, more than that it is on a malicious site hxxp://lmaoimages.com and that is what the network shield is blocking, image1.
Since avast is blocking the site, but the image.php tries to load this IMG36822_18.JPG-www.myspace.com.exe which again isn't an image but an executable file, so you should send it for analysis as a possible undetected malware.
The file the image.php would try to load IMG36822_18.JPG-www.myspace.com.exe has a higher hit rate on VT http://www.virustotal.com/sl/analisis/11c2462c493d9c0680e5028bea106f7514a7c0c89747caeea0182b876ffa37f9-1265821845 (http://www.virustotal.com/sl/analisis/11c2462c493d9c0680e5028bea106f7514a7c0c89747caeea0182b876ffa37f9-1265821845) than the one you uploaded. So it maybe that the payload changes in this image.php file.
-
Microsoft Forefront Client Security flags this as a tool used to create viruses, so idk what's going on here.
It sounds like your friend has a bigger problem though, providing you didn't run that EXE. Either he's going to lose his Internet connection for sending malware or his computer's been taken over by one of the countless malware variants that spread via MSN, Yahoo Chat, IRC, e-mail, or something similar, taking advantage of the trust friends/co-workers/bosses/employees/family members place in each other.
If you can meet your friend face-to-face, you'd better do so and tell him what's going on. If you can't meet face-to-face, a phone call would be best; barring that, try e-mail and hope the virus (I'm assuming the problem here is a virus) doesn't get to it.
-
How do I report dirty friend on MSN?
Anyway Avast now detect virus in this file...Thx ;)
-
just block him and remove his name from your contact list.
-
Well if you know this friend in real life i would appreciatly you do contact him or me if its was me i would just ignore his thing. Also a good thing for avast! IS is you could block them and if you visit later by accidently the site blocker could block it. But like i can see i dont think you got IS but you use Free. But so far i wouldnt trust any link excepted if you judge it legit. Dont open what you dont know or seem to be strange with incomplete information. ;)