*** VIRUS WARNING ***

If you receive an e-mail entitled "Bad times", delete it IMMEDIATELY.

Do not open it. Apparently this one is pretty nasty.

It will not only erase everything on your hard drive, but it will also delete
anything on disks within 20 feet of your computer. It demagnetises the strips on ALL of your credit cards. It reprograms your PIN number, screws up the tracking on your VCR and uses subspace field harmonics to scratch any CD's you attempt to play. It will program your phone auto-dial to call only 0898 numbers. This virus will mix antifreeze into your fish tank.

It will cause your toilet to flush while you are showering. It will drink ALL your beer.

It will leave **** stained underwear on the coffee table when you are expecting company. It will replace your shampoo with hair remover, and screw your current boy/girlfriend behind your back, while charging their hotel rendezvous and all their room service to your Visa card. It will cause you to run naked through the streets with scissors and gouge people's eyes out. It will rewrite your backup files, changing all your active verbs to passive tense and incorporating undetectable misspellings which grossly change the interpretations of key sentences.

If the "Badtimes" message opened in a Windows 95/98 environment, it will leave the toilet seat up and leave your hairdryer plugged in dangerously close to a full bathtub. It will refill your skimmed milk with Milk of Magnesia!

******* WARN AS MANY PEOPLE AS YOU CAN *******

And if you don't send this to 5000 people in 20 seconds you'll fart so hard that your right leg will spasm and shoot straight out in front of you, sending sparks that will ignite the person nearest you.

The scary thing is, the above post is 100% true.

this iz a damn scarey virus :evil:

Hello everybody....

had an email warning me so i thought i'd pass it on

Dont open ANY emails marked WTC survivor (stands for world trade centre) so people think its a story bout 9/11

But it wipes ur c: drive , friend of mine cannot use computer at all now !!!

thankyou i will look out for that one

Virus warning!!!!1!1

Caution! There is a new type of virus about which is propogating wildly throughout the world!! It works like this:

Someone makes up a completely false "virus e-mail" story (usually centred around opening a dubiously attractive attachment) and sends it to everyone they can think of.. People believe it, and so forward it to everyone they know.. Rinse and repeat..

Net result: a completely erroneous virus report being spread all over the world, clogging up mailservers and taking up peoples' valuable time as they fire off e-mails warning others about nothing..

General rule of thumb: ignore any and all virus warnings you get via e-mail unless they are from your sys admin or an offical virus authority (such as the authors of a virus package which you have purchased and installed)..

see - http://www.breakthechain.org/exclusives/wtcsurvivor.html

Thanks for that :thumbsup:

If you just open it?

That can put a virus on your computer?

Surely it asks you to install something?

Originally posted by IanMitchell
If you just open it?

That can put a virus on your computer?

Surely it asks you to install something?

lol clearly the sarcasm in my post was too subtle..

i would be inclined to ignore the OP's post.. these types of virus warnings are akin to worms themselves, in that they propogate throughout the world and cause needless mail traffic.. you will not have your hdd erased as a result of reading this e-mail..

incidentally, i don't mean this to sound as if i am accusing the OP of fabricating the story, simply that he has been taken in by a ruse that is becoming more and more prevalent on teh intarweb these days..

And the one a few years back telling people to delete a certain file that the virus apparently placed on the hard drive and it turns out to be one of the system files, erm one with a bear icon I think.... I had a few folk at work deleting it!

ah yes, the java debugger i think that was... i remember *nearly* falling for that 1

as i recall you couldnt delete it tho as it was a file used by windows.

luckily for the hundreds of people that did try to delete it against my wishes!

nope, that was only if u were on a java webpage. u could delete it easily... :(

Just found this:

DO NOT pass it on as this is how an email HOAX propagates.

Below is the actual text from the message that may be received via email.

Virus hoax

Description

There are several versions of this hoax.

The text of the first version of this hoax reads as follows:

I received this from a reliable family friend this morning. 10/28/01 BIG TROUBLE !!!! DO NOT OPEN "WTC Survivor" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not not all.

If you receive an email called "WTC Survivor" do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer. This is a serious one.

The text of the second version of this hoax reads as follows:

During the next several weeks be VERY cautious about opening or launching any e-mails that refer to the World Trade Centre or 9/11 in any way, regardless of who sent it. PLEASE FORWARD TO ALL YOUR FRIENDS AND FAMILY. FOR THOSE WHO DON'T KNOW, "WTC" STANDS FOR THE WORLD TRADE CENTRE. REALLY DANGEROUS BECAUSE PEOPLE WILL OPEN IT RIGHT AWAY, THINKING ITS A STORY RELATING TO 9/11!

BIGGGG TROUBLE !!!! DO NOT OPEN "WTC Survivor" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat, a friend sent it to me, but called and warned me before I opened it. He was not so lucky and now he can't even start his computer!

Forward this to everyone in your address book. I would rather receive this 25 times than not at all. So, if you receive an email called "WTC Survivor", do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer.

PLEASE FORWARD THIS MESSAGE

Microsoft have just issued a bulletin though involving ELEVEN URGENT security patches involving all versions of windows and Explorer from 5.1 onwards.

Full details at www.itsafe.gov.uk

That was the email i got ..

how come its a hoax and how do you know for sure :confused:

There is about one a week saying similar things. There is nothing that can wipe your C drive just by opening an email.

http://www.symantec.com/avcenter/venc/data/wtc.survivor.hoax.html

Originally posted by mer1002
That was the email i got ..

how come its a hoax and how do you know for sure :confused:
Because people are gullible... pure and simple...



As for this whole hoax thing.. I actually had a department head for where I was in uni (as a mature student) give me short shrift for providing links to information proving that a rather unlikely "mugging" scenario was in fact a hoax...

They then did what you did and said they had a friend of a colleague who's best mate knew someone who'd had it happen to them...

.. and these were people with doctorates...

Originally posted by Martin_s

.. and these were people with doctorates...

tell me about it.

Leave virus security to you AV software and keep it updated all the time - Warnings like these are , more often than not, hoaxes/timewasters.

It's not a case of being gullible .....just carefull


i have only had one virus but got rid pretty easy as phanerothyme sez 'cause my security was top notch !!


Cant understand why people do it, cant see wot buzz they get from it even if it get sent back to them ...pretty sad if u ask me some saddo spotty kid sat at his pc with nowt else better to do !!

I always liked the irish virus email, it went along the lines of:

"Greetings

You have just received the "IRISH VIRUS".

As we don't have any programming experience, this Virus works on the honour system.

Please delete all the files on your hard drive manually and forward this virus to everyone on your mailing list.

That'd be grand.

Thanks for your cooperation"

:hihi:

A new Internet virus has been detected that can infect Microsoft's Windows platforms faster than previous computer worms, said an anti-virus computer software maker.

The ZOTOB virus appeared shortly after the world's largest software maker warned of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer.

http://today.reuters.com/news/newsarticle.aspx?type=technologyNews&summit=&storyid=2005-08-15T104030Z_01_DIT538409_RTRIDST_0_TECH-SINGAPORE-VIRUS-DC.XML

Not worried is I;).

Though I did wonder why NAV (stop laughing) updated today when I'd performed a manual update last night.


From what I've read, any decent (ZAP) firewall will stop it functioning (ie connecting to irc/altering hosts file etc). All you'd then need do is stop the file running (if it is), delete its' start up entry then simply delete the BOTZOR.EXE file in the %windir%/system folder:thumbsup:.

I have just been informed that there is a potential threat from a virus that is due to be released tonight.

CAn anyone confirm or put pay to this rumour, if it is true is there any patches available yet?

I've just recievet this email. It was not forwarded to me it was typed out and sent by a friend.. Trouble is i don't know how to find out it these things are hoaxes or not. Does anyone know if it is? I tried snoops but got no where. I'm always careful anyway, but if its real then you should all know about it. Thanks.

WORST VIRUS EVER --- CNN ANNOUNCED >>PLEASE SEND THIS TO EVERYONE ON YOUR CONTACT LIST!! >>
A new virus has just been discovered that has been classified by >>Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee . This virus simply destroys Sector >>Zero from the hard disk, where vital information for its functioning are stored. >>This virus acts in the following manner:
It sends itself automatically to all contacts on your list with the >>title: >>"A Card for You". As soon as the supposed virtual card is opened the computer freezes >>so >>that the user has to reboot. When the ctrl+alt+del keys or the >>reset button are pressed, the virus destroys Sector Zero, thus >>permanently destroying the hard disk. Yesterday in just a few hours >>this virus caused panic in. New York, according to ne4 ws broadcast by >>CNN. >> >>This alert was received by an employee of Microsoft itself. >>So don't open any mails with subject: "A Virtual Card for You." As >>soon as you get the mail, delete it!! Even if you know the sender

sounds great :) and also sounds a bit of a hoax - if you receive it delete it ;)

for the answer go to http://www.symantec.com/avcenter/venc/data/virtual.card.for.you.html

Yup..as with most of these e-mails it is a hoax.

i was told to be careful of any e-mails i get on the 3rd due to a virus. don't know any details though

It could be a variant of this - and here's the fix just in case

http://securityresponse.symantec.com/avcenter/venc/data/w32.blackmal@mm.removal.tool.html

Here's (http://www.snopes.com/computer/virus/kamasutra.asp) a link to some information about it.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=98893

It's a year 2000 hoax :rolleyes: but.... there is a virus due to activate tomorrow, just not the one you mentioned ;)

Thanks guys. :thumbsup:

just stick part of the name of the virus or something relevant in google, they usually come up as hoaxs.

just stick part of the name of the virus or something relevant in google, they usually come up as hoaxs.
Apart from this (http://www.snopes.com/computer/virus/kamasutra.asp)one, apparently. Make sure your virus scanners etc are up to date.

http://news.bbc.co.uk/1/hi/technology/4661582.stm

This appears NOT to be a hoax!
http://news.bbc.co.uk/1/hi/technology/4661582.stm

The university has told us about this virus It comes on the 3rd of every month, the uni have also just sent me a trojan something or other in an email what ever that is all my virus protection doesn't seem to be shifting it though.

This appears NOT to be a hoax!
http://news.bbc.co.uk/1/hi/technology/4661582.stm
That's the one I refer to above, and as I said there, no it isn't a hoax.

the fix for it is on my earlier message

Don't think it's going to be as bad as some stories are making out, not in the UK anyway.

http://software.silicon.com/security/0,39024655,39156086,00.htm

i cant wait! no virus will destroy me!!!!!!!!!! :)

I have just been informed that there is a potential threat from a virus that is due to be released tonight.

CAn anyone confirm or put pay to this rumour, if it is true is there any patches available yet?

Yes, read in The Mail today about it.The virus known as Grew.A or My Wife, tricks users by appearing as an e-mail attachment with subject lines such as "Hot Movie" "give me a kiss" and "Miss Lebanon 2006".It claims to be a movie or picture with some sort of sexual content.That is how it tricks you.So dont open any attachments.Ive just run a virus scan before coming on,and O.K.up to now,but I think they are still getting through.

The story was on Radio 4 as well; they said although it was targeted at businesses, estimated that some 300,000 computers are going to be affected and would ultimately cause most harm to home users.

I always find it realy interesting, how people react just because a story has got in the papers/radio/media they assume it's suddenly a worse threat than it ever was before.....they're just making news, it's what they do to sell papers...make money.

The best way to check for any types of new virus found is to go to a good AV website, like this http://securityresponse.symantec.com/

you can check it every day and be more prepared/paranoid, whatever floats your boat :thumbsup:

I have just been informed that there is a potential threat from a virus that is due to be released tonight.

CAn anyone confirm or put pay to this rumour, if it is true is there any patches available yet?
Blooming Terrorists. Is it like Anthrax this virus?
No patches for that just a chemical suit sorry.

VERY IMPORTANT WARNING
Please Be Extremely Careful especially if using internet mail such as
Yahoo, Hotmail, AOL and so on. This information arrived this morning
direct from both Microsoft and Norton.
Please send it to everybody you know who has access to the Internet.
You may receive an apparently harmless email with a Power Point
presentation "Life is beautiful."
If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES, and
delete it immediately. If you open this file, a message will appear on
your screen saying: "It is too late now, your life is no longer
beautiful." Subsequently you will LOSE EVERYTHING IN YOUR PC and the
person who sent it to you will gain access to your name, e-mail and
password.
This is a new virus which started to circulate on Saturday afternoon.
AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it. The virus has been created by a hacker who
calls himself "life owner."

http://www.symantec.com/avcenter/venc/data/life.is.beautiful.hoax.html

As always, all I can say is 'Google is your friend'.

Although well intentioned, whoever sent you the message had it wrong.

http://www.google.co.uk/search?hl=en&q=%22Life+is+beautiful%22+virus&btnG=Google+Search&meta=

Joe

Cheers people. I will do a search first next time

Havent had one like that but this very evening had a completely new E mail,from some one I hadnt heard of before.Something like Mailer-Daemon with the subject Failure notice.Has anyone else with yahoo Mail had anything like this? Ive deleted it anyway just to make sure.What do I do in future if I dont know who it is ?

Havent had one like that but this very evening had a completely new E mail,from some one I hadnt heard of before.Something like Mailer-Daemon with the subject Failure notice.Has anyone else with yahoo Mail had anything like this? Ive deleted it anyway just to make sure.What do I do in future if I dont know who it is ?

thats just telling you an email youve sent hasnt got through to the person you sent it to patricia

the email address could be wrong, they might not be using that email address, the host might be having problems

thats just telling you an email youve sent hasnt got through to the person you sent it to patricia

the email address could be wrong, they might not be using that email address, the host might be having problems

Thanks,melthebell,I do feel stupid now,but very glad you told me.Im surprised because Id just sent an E Mail to my son,and it seemed to go alright,but I will go back on the site to see if Ive sent it properly.Thank you so much.

although be careful - some viruses and phishing attempts do disguise themselves by appearing to be these email failure notices. they should include the email address and subject of the email you tried to send. if in doubt, as always, delete :)

There's a virus kicking around that infects a users computer and then sends messages to everyone on their contact list containing a link. The link then prompts you to download a file.

The message looks like:

hey is this you? http://www.msgrprofiles.net/members.php?msn=yourmsn@msn.com

I am not sure of what else the virus does!

You just know someone's going to click on that link.

You just know someone's going to click on that link.

that'll be me then. its a 404.

Hi folks, I'm having a prob at the mo, and would really appreciatate any advice...!

Basically, for the past month or so, I've been getting approximately 70-100 emails a day to my gmail account, most of them from Mail Delivery System or Postmaster or Mailer-Daemon, in which case the subject line tends to be along the lines of "delivery failed:returing message" or "unable to deliver:virus". Others come from random people/orgnaisations, with subject lines along the lines of "thanks for your email". Now, I don't understand these things at all and haven't opened any of the emails. but from what I gather looking at the subject lines is that there seems to be an email address almost the same as mine (but slightly different) sending off infected emails which are being bounced back to me.

Clearly these aren't emails that I deliberately sent, being returned to me. But I don't know what to do either to stop my computer sending off these infected emails (if that's what's happening) or to stop the emails being sent to me.

Can anyone please offer any advice?! I hate now checking my emails because it's horrible seeing all these unwanted ones!

If it's of any relevance, I have McAfee, AdAware and Spybot all regularly running.

Thanks in advance!
xx

Somebody who has you as a contact in their address book has a virus, which is sending out these emails to everyone in that address book.

You will probably find all those emails have an attachment, in which the virus is contained. If you open the attachment, the virus can attack your address book and start sending out emails to all contacts in your address book.

When you receive these emails, delete them straight away, without opening them. Whatever you do, don't open the attachment.

Do a full system AV scan.

I posted this on another forum, a few years' ago, and it may be useful here:

HOW TO TRICK THE WORM COMPUTER VIRUS

This was in the last issue of "P C World" magazine. It does work!

As you may know, when/if a worm virus gets into your computer it heads straight for your email address book and sends itself to everyone in there, thus infecting all your friends and associates.

This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further, and it will alert you to the fact that the worm has gotten into your system.

Here's what you do:

First: Open your address book and click on "new contact" or "new person" just as you would do if you were adding a new friend to your list of email addresses.

Second: In the window where you would type your friend's FIRST name,type in !000 (that's an exclamation mark followed by 3 zeros). In the window below where it prompts you to enter the new email address, type in WormAlert@bob.com (actually any @.com will work).

Third: Then complete everything by clicking add, enter, OK, etc.

Now, here's what you've done and why it works: the "name" !000 will be placed at the top of your address book as entry #1. This will be where the worm will start in an effort to send itself to all your friends.

But when it tries to send itself to !000, it will be undeliverable because of the phony email address you entered (WormAlert). If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.

Here's the second great advantage of this method: If an email cannot be delivered, you will be notified of this in your InBox almost immediately.

Hence, if you ever get an email telling you that an email addressed to WormAlert could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it.

Pretty slick huh?

If everybody you know does this, then you needn't ever worry about opening mail from friends.



Good luck

Either you, or someone with your email address saved in their contacts, is infected with a virus/worm.

That infection is spreading using your email address in the 'sender' header... so you're getting all the bounce-backs and auto-responders to your account...



+

Ive been getting emails like this recently. Yahoo have emailed out to lots of people warning them.

Im constantly getting the 'call me urgently, you are to inherit £3m' emails too.

Your email address is probably on the web somewhere then... getting harvested by the spambots.......



+

Thanks for all your help people! I'll do as suggested, ta!

Your email address is probably on the web somewhere then... getting harvested by the spambots.......



+

The thing that's annoying me the most is that this gmail account is my 'proper' account that i never give out to randomers or use to join/sign in anywhere so I'd been hoping to keep it safe ... booo!

Anyway, thanks again :)

Come on. This hoax must be at least three years old!

damn its happened to me

it also causes memory loss in men close to the computer meaning they'll forget their anniversary, birthdays etc!

scary stuff!

damn its happened to me

it also causes memory loss in men close to the computer meaning they'll forget their anniversary, birthdays etc!

scary stuff!


Now I know it is a hoax! Us men don't need a virus to make us forget birthdays etc...it's genetic!

Come on. This hoax must be at least three years old!
So is this thread!:loopy:

So is this thread!:loopy:

:hihi: :hihi: :hihi:

haha. he reopens a 3 year old thread and complains that the content is 3 years old. everyone point and laugh at markwit :)

haha. he reopens a 3 year old thread and complains that the content is 3 years old. everyone point and laugh at markwit :)

Shunt that be "Halfwit" :hihi: :hihi: :hihi:

damn its happened to me

it also causes memory loss in men close to the computer meaning they'll forget their anniversary, birthdays etc!

scary stuff!


LOL:hihi: :hihi: :hihi:

Warning over 'Storm Worm' email.

A virus that has been dubbed the "Storm Worm" is baiting people with information about the recent bad weather in Europe.

It is creating one of the largest worm attacks in recent years.

Over an eight-hour period yesterday, the worm sent malicious emails across the globe to hundreds of thousands of people.

Storm Worm carries the subject line "230 dead as storm batters Europe".

The email has an attached file that contains a malicious code.

If opened, it can allow criminals to access your computer and pilfer information for financial gain.

There's a couple of different ones going around at the moment (I'd read about the storm worm one). I received one yesterday, but I can't remember what the title was about.

When I'm not sure about an email I receive (which I wasn't in this case), I read the message source/headers and details, without opening the email. The email I received yesterday had a suspect attachment, which AVG had blocked due to it containing a virus. Thank goodness for Outlook Express because, if I was using BT webmail, I probably wouldn't have been able to view the email in that way.

Anyway, I just blocked and completely deleted it.

I got one this morning titled Sadam Hussein found safe and well. Norton immiediately told me it contained a Trojan so I deleted it without opening.

Thanks unregistered have have made a note of it

yeh thanks for that:thumbsup:

For once, www.snopes.com reckons this one is real

You should be alert during the next days:

Do not open any message with an attached file called
'Invitation' regardless of who sent it, It is a virus
that opens an Olympic Torch which 'burns' the whole
hard disc C of your computer.

This virus will be received from someone who has your
e-mail address in his/her contact list, that is why
you should send this e-mail to all your contacts. It
is better to receive this message 25 times than to
receive the virus and open it.

If you receive a mail called 'invitation' , though
sent by a friend , do not open it and shut down your
computer immediately. This is the worst virus
announced by CNN, it has been classified by Microsoft
as the most destructive virus ever.

This virus was discovered by McAfee yesterday, and
there is no repair yet for this kind of virus. This
virus simply destroys the Zero Sector of the Hard
Disc, where the vital information is kept

Nope, 'fraid not. http://www.snopes.com/computer/virus/invitation.asp

HOAX.

http://www.snopes.com/computer/virus/invitation.asp

Ha! funny, great minds etc, Hels. :)

as the old thread was moved to the computer part which is pretty useless for the people who dont go there I will let you know that

Do not open any email message with an attached file called
'Invitation' regardless of who sent it, It is a virus
that opens an Olympic Torch which 'burns' the whole
hard disc C of your computer.

It's still a hoax though: http://www.sheffieldforum.co.uk/showthread.php?t=285406

thanks it does seem a bit jobsworthy to move it as you say not everybody uses those sections

What a load of old nonsense.

Thanks for the warning - hope folks take it seriously. I've also had a warning message not dissimilar to yours - I was told on no account to open any e.mail (even from a trusted source) with a title containing 'a postcard from.......' The virus in it apparently causes your screen to lock and the damage is done when you would press your Ctrl/Alt/Del keys to clear the problem as a last resort - clears the whole memmory so I am told! Sad world we live in eh?

It's still a hoax though: http://www.sheffieldforum.co.uk/showthread.php?t=285406

hoax or not its better to be safe than sorry

hoax or not its better to be safe than sorry

No, what's better is to know it's a hoax so people don't think it's actually real.

Thanks for the warning - hope folks take it seriously.

You do not need to take this seriously - it is not real, it is a fake, it is a hoax, this email will do nothing to your system, it's spam, delete it - get it?

Driving on wet tram tracks, opening unknown attachments ... all the same really!

HOAX.

http://www.snopes.com/computer/virus/invitation.asp

Its better to let people know than having friends and family get screwed by these sick idiots but if anyone is willing to open the file then be my guest its better to be safe than sorry.

Its better to let people know than having friends and family get screwed by these sick idiots but if anyone is willing to open the file then be my guest its better to be safe than sorry.

But it's a hoax, it's not real. There's no "better to be safe than sorry" - it doesn't exist. Anyhow - like they say, the oldies are always the best and this one has been going around for years and years and years.

Its better to let people know than having friends and family get screwed by these sick idiots but if anyone is willing to open the file then be my guest its better to be safe than sorry.

Get over yourself. ITS NONSENSE.

What next? Press 9 and this post will automatically cost you £20.

HOAX.]
It's still a hoax though
No, what's better is to know it's a hoax so people don't think it's actually real.
You do not need to take this seriously - it is not real, it is a fake, it is a hoax, this email will do nothing to your system, it's spam, delete it - get it?
But it's a hoax, it's not real.

Can anyone tell me if its a hoax.

Can anyone tell me if its a hoax.

i think it is :hihi:

Do you think it is?

:mrgreen:

Maybe this threads a hoax and the email is real ;)

I have received a scam e mail concerning my non existant Abbey a/c.
If I right click on the url given and click on the "report E mail scam"
which comes up, the resulting page is the same as the genuine Google/ Firefox page EXCEPT there is a firefox logo on the page.
The url on this page is the same as that given by thunderbird's scam warning when I click on the original URL.

I have subtituted the word "images" with ****** so that it can't be opened accidentally.

http://www.scotland4justice4palestine.org/******/index/2/www.abbey.co.uk/CentralLogonWeb/myonlineaccounts2.abbeynational.co.uk/abbey/submit.php?cmd=validate

Edit The url that I have typed doesn't appear totally when posted..strange!

Never, ever, ever, EVER click on any links provided by spam emails. Even 'unsubscribe here' links unless you are 110% sure of the provenance of the email.

At best they could be coded to allow the web site to confirm that your email address is a real one opening the flood gates for even more spam (same applies if you allow your email client to view in HTML and automatically display any images), and at worst they could drop you onto a web page that makes your anti-virus/anti-spam software (you are using both I assume?) work overtime to keep your system safe and clean.

The forum software automatically trims the displayed URL so don't worry about how it looks here btw.

Update - Just got up after not enough sleep following Nights. Apologies - mis-read what you were doing; reporting spam to Thunderbird/Firefox/Google.
The warning is still valid though!

Just a warning, there is a raft of mail purporting to come from UPS - they all contain viruses or trojans.

Nod32 is not picking up this variant yet nor is AVG.

Virus total report

AhnLab-V3 2008.7.21.1 2008.07.22 -
AntiVir 7.8.1.11 2008.07.22 TR/Spy.ZBot.dip
Authentium 5.1.0.4 2008.07.22 W32/Trojan2.AUFA
Avast 4.8.1195.0 2008.07.22 -
AVG 8.0.0.130 2008.07.21 -
BitDefender 7.2 2008.07.22 -
CAT-QuickHeal 9.50 2008.07.21 -
ClamAV 0.93.1 2008.07.22 -
DrWeb 4.44.0.09170 2008.07.22 -
eSafe 7.0.17.0 2008.07.21 Suspicious File
eTrust-Vet 31.6.5973 2008.07.22 -
Ewido 4.0 2008.07.21 -
F-Prot 4.4.4.56 2008.07.22 W32/Trojan2.AUFA
F-Secure 7.60.13501.0 2008.07.22 Trojan-Spy:W32/Zbot.QF
Fortinet 3.14.0.0 2008.07.22 -
GData 2.0.7306.1023 2008.07.22 Trojan-Spy.Win32.Zbot.dip
Ikarus T3.1.1.34.0 2008.07.22 Win32.Outbreak
Kaspersky 7.0.0.125 2008.07.22 Trojan-Spy.Win32.Zbot.dip
McAfee 5343 2008.07.21 -
Microsoft 1.3704 2008.07.22 -
NOD32v2 3285 2008.07.22 -
Norman 5.80.02 2008.07.21 -
Panda 9.0.0.4 2008.07.21 -
Prevx1 V2 2008.07.22 Malicious Software
Rising 20.54.10.00 2008.07.22 -
Sophos 4.31.0 2008.07.22 Troj/Agent-HFZ
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.22 Backdoor.Paproxy
TheHacker 6.2.96.385 2008.07.20 -
TrendMicro 8.700.0.1004 2008.07.22 -
VBA32 3.12.8.1 2008.07.21 suspected of Malware-Cryptor.Win32.General.2
VirusBuster 4.5.11.0 2008.07.21 -
Webwasher-Gateway 6.6.2 2008.07.22 Trojan.Spy.ZBot.dip

Had around two dozen copies of it so far today. I'm already fed up of deleting the quarantine notifications. :(

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

Were you actually tracking a parcel? NEVER open or save attachments you haven't requested or can't be sure of.

Forum search is your friend...

http://sheffieldforum.co.uk/showthread.php?t=374004

Too true :hihi:

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

Glad you caught it in time, but it might be worth you doing another scan in Safe Mode, just in case this spyware tries to reinstall itself after the scan... some have a habit of doing this so a rescan is a must.

Can I ask though, have you actually registered your e-mail with UPS?
If you haven't then they wouldn't contact you via e-mail.
Secondly If you did have an undelivered parcel, surely they would simply put a note through your letter box rather than e-mail you?

I usually am quite careful but all I can put it down to is a "2 days on the trot of warm,dry weather confusing brain syndrome"

A very convincing new one is doing the rounds, it is telling you that you have a customs package that needs signing for and details given from France, the attachment is a .zip file so it gets through the spam filters, inside it is an executable file DO NOT OPEN IT AND DELETE IT STRAIGHT AWAY.

If you haven't ordered anything from France, and/ or aren't expecting a package from there, then it should ring warning bells, like the phishing mails :-

I know I haven't got a bank account with The Halifax/ Barclays/ Lloyds-tsb,etc etc, or with paypal, so I know that if I get a mail from "them" I know it's a load of cobblers, and delete, after reporting them.

If the package contains Melissa Theuriau, I'll take a risk .....

I had this today too but since I know full well I have no incoming parcels from France, I didn't bother with it :)

There will always be a new type of spam / virus mail like this, basically always employ common sense. Unfortunately computers are thought to be idiot proof these days - they are not!

received this yesterday.. seems suspicious as i hadn.t odered anything from France. Deleted it straight away.

Six copies of it so far. Time to adjust the ISP spam filter.

My ISP is Plusnet, and their Spam filter picked this one up a couple of days ago and blocked it.

A very convincing new one is doing the rounds, it is telling you that you have a customs package that needs signing for and details given from France, the attachment is a .zip file so it gets through the spam filters, inside it is an executable file DO NOT OPEN IT AND DELETE IT STRAIGHT AWAY.

Did you receive this email or are you passing on an email warning?

99% of these are hoaxes and the above warning sounds very much like a hoax. Saying that its a .zip file so gets through your spam filters is wrong in the first place, spam filters in most cases read the email text to determine whether or not it’s SPAM, plus all good email AV software will scan the contents of any attachment and pick up which ever virus/Trojan is inside.

I am yet to see one of these emails actually being in the wild.

My ISP is Plusnet, and their Spam filter picked this one up a couple of days ago and blocked it.

Shame how plusnet where hacked a few years ago and all their customers email addresses where stolen and are now for sale on the net to spammers.

Hmm, Plusnet didn't pick it up for me, and my root domain is where most of my spam is sent, which as I never use it can only be through their previous problems. Ah well.

But, seeing as AVG didn't ID it as a virus either it's probably safe. Is it a 419?

But, seeing as AVG didn't ID it as a virus either it's probably safe. Is it a 419?

You get what you pay for. I used to be an advocate of AVG but a few months ago it failed to pick up a virus I found. I left it a week and even Symantec failed to pick it up even after I submitted it to them!

Microsoft One Care came to my rescue in the end.

i got an email to my personal email address from UPS the carrier service. it was a short email telling me that a parcel i had sent on the 1st of july could not reach the address because to it not been recognised. i had to open the invoice attatchment & check the address. firstly i only send parcels for work & we use TNT, my personal email is just that i dont use it for work related mail & i was on holiday just come back from glastonbury festival on 1st of july so i knew it was probably a virus.

unfortunatley a work collegue opened the email & clicked on the invoice bit, even tho we have a good antivirus it completely shut his computer down. just beware of this virus, i know many people who use UPS & may think that it is a genuine email from them.

You get what you pay for. I used to be an advocate of AVG but a few months ago it failed to pick up a virus I found. I left it a week and even Symantec failed to pick it up even after I submitted it to them!

Microsoft One Care came to my rescue in the end.

The latest version of AVG seems to have turned into bloatware in the very best model of Symantec - shame.

MS One Care? Tell me more.

MS One Care? Tell me more.

Its great, better spyware prevention, better firewall, tune-ups and AV in one.

I was very surprised when I found OneCare found the virus. I submitted the files to an online scanner and OneCare was one of the only apps to identify the file as a virus. Lucky for me I had a copy on the shelf, a freebie from a friend who works for Microsoft that I thought I would never use. I removed Zone Alarm, Spybot and Symantec AV and installed OneCare. It does all the jobs of the previous software but better and succeeded where Symantec failed.

Also its pretty cheap and you can have up to 3 PC's using the same version.

I have never looked back.

Microsoft OneCare


Antivirus protection
Antispyware
Better Firewall than basic Windows Firewall
Performance tune-ups
Data backup and restore

Holly....
Thanks

Did you receive this email or are you passing on an email warning?

99% of these are hoaxes and the above warning sounds very much like a hoax. Saying that its a .zip file so gets through your spam filters is wrong in the first place, spam filters in most cases read the email text to determine whether or not it’s SPAM, plus all good email AV software will scan the contents of any attachment and pick up which ever virus/Trojan is inside.

I am yet to see one of these emails actually being in the wild.


I use Kaspersky and it quarantined the same email on my computer.
People I know who use Norton and AVG have had the email come through with no questions asked.

If you're going to buy an antivirus, I'd recommend ESET NOD32.

Microsoft can't do anything right so I would never trust them with PC security and antivirus.

I had this e-mail. Just stop and think for a moment though - how would the customs have got hold of your e-mail address?

I have clam-av on my companies mail server, it sends me reports of found viruses. There is abit of a surge at the moment, alot of "Your parcel is at the customs office", "Your order N2728056" and so on. All containing variations of a Zbot trojan, just be careful when you receive an email with an attachment.

Just found this warning posted on another Forum I use.


Please be extremely careful especially if using internet mail such as Yahoo, Hotmail, AOL and so on.
This information arrived this morning direct from both Microsoft and Norton.
Please send it to everybody you know who has access to the Internet.
You may receive an apparently harmless email with a Power Point presentation
'Life is beautiful.'
If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES , and delete it immediately .
If you open this file, a message will appear on your screen saying: 'It is too late now, your life is no longer beautiful.'
Subsequently you will LOSE EVERYTHING IN YOUR PC and the person who sent it to you will gain access to your name, e-mail and password.
This is a new virus which started to circulate on Saturday afternoon.
AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it.

The virus has been created by a hacker who calls himself 'life owner.'


PLEASE SEND A COPY OF THIS EMAIL TO ALL YOUR FRIENDS and ask them to delete
C.F

Hi friend,

Have you seen this saying it is a hoax?

http://www.hoax-slayer.com/life-is-beautiful-virus-hoax.html

.

Hi friend,

Have you seen this saying it is a hoax?

http://www.hoax-slayer.com/life-is-beautiful-virus-hoax.html

.

No I haven't - just seen it on a Fly-fishing forum :blush:

There has been a lot in the news about the Asprox Virus infecting Govt websites like the NHS and UK businesses.

http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article4381034.ece

Only half of virus checkers are detecting it. Do any of the more technical forummers have any advice ?

the virus email in the op does sound like a hoax

There has been a lot in the news about the Asprox Virus infecting Govt websites like the NHS and UK businesses.

http://technology.timesonline.co.uk/...cle4381034.ece

Only half of virus checkers are detecting it. Do any of the more technical forummers have any advice ?

The Asprox virus was first reported in 2007-06-08 15:09 So the Times report is a year late, surely they have it under control by now?

http://secunia.com/virus_information/38997/asprox/

.

The Asprox virus was first reported in 2007-06-08 15:09 So the Times report is a year late, surely they have it under control by now?

http://secunia.com/virus_information/38997/asprox/

.

Apparently in the last few months it has become 'an SQL injection vector for website attacks' - whatever that means.

http://www.scmagazineus.com/Asprox-botnet-malware-morphs/article/110169/

If you do a google news search on asprox you will see there has been a lot of concern about the virus recently from reputable newspapers like the Times and Guardian.

I've just had to sort a web site out that had been hit by this. Not one that I built I should say.

ASPRox is an SQL Injection attack that adds data into any text fields it can find in any SQL Server database.

The data it adds is a JavaScript block that could then be displayed on any web pages that display the text from that database field. It pulls back a .js file (originally a.js, then b/js and currently ngg.js) from any one of about 10,000 different web sites. The payload of the .js file I understand varies.

As I understand it ASPRox is not a virus itself, as that describes the attack on the web sites, although the .js payload could potentially load a virus or provide a link that you could click that loads a virus. The attack is most likely launched by a virus ridden PC, so there is a trojan virus element to it.

To sort the web site I had two main tasks. First review all the code and close the front door to prevent the SQL Injection - mostly through decent input validation.

Then I had to code a script to parse through the database looking for and cleaning out all the rogue script blocks. The site I worked on had 16,000+ fields that were infected, most with multiple script blocks as the site had been getting hit by this multiple times a day since May at least.

The site is still being hit, but the SQL Injection is no longer working, so not causing any harm.

It could have been worse - the injection just added to the database. Bad enough, but it could so easily have been a delete command that was injected.

Mod note: The thread has been moved and closed.

If you receive a 'Life is beautiful' email, please don't forward it and perpetuate the spam.

Mod Note: Multiple threads merged to create Virus Mega thread

Why merge it with a hoax thread tho?

Having received emails from UPS in the past and avoided the potential zip file risk, I was suspicious to receive today an email from unknown sender 'Minnie':

'Please find attached a statement of fees as requested, this will be posted today.
The accommodation is dealt with by another section and I have passed your request on to them today.
Kind regards.
Minnie'

I have no knowlege of this sender or any request of mine.

I did NOT open the attached zip file.

The sender's email domain is bluelakecamp.com, which appears to be associated with a website for a Christian Retreat Centre in Andalusia, Alabama USA.

Anyone know if this is a recognised scam format?

Yep, scam.

http://www.technibble.com/forums/showpost.php?p=17411&postcount=1

Anything like that where the kind of response they're looking for is for you to reply to them and say they've made a mistake is suspicious.

Looks like there's an Abbey National phishing email doing the rounds

if you get this and open it delete it without clicking on anything, there don't appear to be any tracking graphics or other malware in it so you should be ok opening it but I may have missed something so if you haven't opened it just delete it.

it's from "Alert@abbey.co.uk"
title "Abbey Bank Security Update For New Year"
content is an HTML page with the following text

Abbey Bank Account Holder,

We are running our early year security routing check on all Abbey National Bank account.
This Requires proper rectification on previous transactions on record update details edited and recent changes made.

To ensure a pre-modified security check,you are expexted to reveiw
All previous records, updates, and details editted in previous months.
Please click on the link below for immediate security check

some graphics and links come from the abbey national site so it looks authentic but the immediate security check link goes to a page at "myuchallenge.net" registered in Hong Kong and the return path of the mail goes to "mail.jasakonstruksi.net" which is in Indonesia somewhere

this seems to be adopting the blunderbus approach of sending it to everyone, I got it and I don't have an account with Abbey

As a general rule if you receive an email from a financial institution that is genuine they will not provide a link in the email for you to click on, they will tell you to go to their website and log in, also they won't send one to you if you don't have an account with them

As a general rule if you receive an email from a financial institution that is genuine they will not provide a link in the email for you to click on, they will tell you to go to their website and log in, also they won't send one to you if you don't have an account with them

Good general rules. One more - a genuine financial institution will use correct English grammar and spelling as well ;)

yet another one doing the rounds

the title may change mine was "Re:admin"
email address is spoofed so it's sent to your address apparently from your address
content is an HTML message with the text
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy.
If you do not wish to receive this MSN Featured Offers e-mail,
please click the "Unsubscribe" link below. This will not unsubscribe
you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers.
This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers'
content nor any of the goods or service
advertised. Prices and item availability subject to change without notice.

any links go to "thirdspirituality.com" or "speakintuition.com" and any graphics come from "intuitionwest.com"

it doesn't look capable of verifying your email address as the graphic names are too simple and there doesn't appear to be any other payload, however any graphics in the message may carry their own malware

a big giveaway is that I don't use MSN in any way shape or form and have never subscribed to their "Featured Offers" if indeed they have such a thing

if you get it delete it without opening it, if you've already opened it, delete it without clicking on any links, then I suggest you update your virus and spyware scanners and rescan your machine, just to be on the safe side this probably isn't necessary though

A Lloyds scam has appeared in my inbox

purports to be from "Lloyds Tsb Bank"<security@lloydstsb.co.uk>
return path matches the sender address
subject "Upgrade Your Account"

content is an HTML formatted document with the text
Customer Service: New Security Standard

Dear Lloyds Customers,

Advance Card. 11.9% APR Typical variable. Get 0% on purchases for 6 months. Find out more From our website. Introducing 2009 New Security Standard. We are glad to inform you, that our bank is upgrading its new
security standards. The new updated technologies
Will ensure the security of your payments through our bank.

We kindly ask you to switched to the new security standard
by clicking on the Upgrade button

<LINK>

Thank you for using Lloyds TSB
The Lloyds TSB Security Group
Happy New Year To Our customers.

please note the incorrect syntax and grammar

all graphics come from "www.lloydstsb.com"

the link takes you to "dzisiaj.info" in Poland

no apparent payload or images used for tracking, as usual if you get one delete it and it doesn't seem to matter much if you've opened it as long as you don't click on the link