locked
New potential threat ? sur4you.exe RRS feed

  • Question

  • A coworker got a link to sendspace-usa.net in an email.
    She went to the site but fortunately did not download/run the sur4you.exe file that was being pushed.
    I guess repeated training about this actually pays off.

    I fired up my Linux workstation and investigated the site, it's sole purpose seems to be to push
    the sur4you.exe file.  Downloading it to a quarantined area and scanning the file show it to be clean though.
    Carefully downloading (only) the file and scanning with onecare also show it to be clean.
    The file was safely deleted, but the nature of this site scream either virus or trojan.

    Not sure what the mechanism is for feedback to One care so they can investigate and push a virus definition as required.
    Any way.. Heads up.  Hopefully most intelligent users will already know never run a file they didn't intend to go get in the first place.

    Thursday, April 2, 2009 4:11 PM

Answers