Here You Have: New E-Mail Virus, McAfee Puts Out Warning
McAfee Labs is Currently Investigating What is Being Called the 'Here You Have' E-mail Virus
There are different variations of this e-mail virus, but everyone should be warned that if you receive any kind of e-mail stating 'here you have' and a link to a PDF document, do not open it.
McAfee has posed the different versions they know of so far on their blog.
It can look like this:
This is The Document I told you about,you can find it Here.
Please check it and reply as soon as possible.
This is The Free Dowload Sex Movies,you can find it Here.
Enjoy Your Time.
The URL does not actually lead to a PDF document, but rather an executable in disguise, such as PDF_Document21_025542010_pdf.scr served from a different domain, such as members.multimania.co.uk this URL is no longer active and the email propagation vector is believed to be crippled at this time (though already infected hosts may continue to spread email messages).
If anyone clicks on the link then they will be asked to download or run the virus, which will then install itself on the Windows directory under the name CSRSS.EXE. Your computer will then send out similar messages to the one you received so that it will spread it to your contacts. McAfee points out that it can spread through remote machines, mapped drives and removable media via Autorun replication.
McAfee lays out what file names the virus may take and what security services it will attempt to stop.