I think I probably caught it before you did. I got an immediate warning
of spyware penetration, seemingly from Microsoft, and then some strange
goings on, unable to operate the computer that had the appearance of a
block possibly from Microsoft, so I don't think anything was passed out.
It was on a new Dell so what I did loose in the restore was relatively
minor, just aggravation.
Dave Hoy
WYANOKEE 6295
Camden, Maine
michael mcvey wrote:
Sory about that Dave had our admin warned us at an earlier time I
would have posted I hope you were able to save or backed up your PC.
Mike
------------------------------------------------------------------------
Date: Fri, 29 Aug 2008 08:47:57 -0400
From: [EMAIL PROTECTED]
To: [email protected]
Subject: Re: catalina27-talk: FW: Please DO NOT OPEN emails with
subject like: UPS Tracking Number ######
I got caught with this one, so watch out. I ended up doing a complete
restore. Kill it!
Dave Hoy
WYANOKEE #6295
Camden, Maine
michael mcvey wrote:
------------------------------------------------------------------------
Subject: FW: Please DO NOT OPEN emails with subject like: UPS
Tracking Number ######
Date: Thu, 28 Aug 2008 20:25:01 -0400
From: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-----Original Message-----
From: PAR Messenger
Sent: Thu 8/28/2008 4:08 PM
To: PTC; PTI; PGSC; RRC
Cc: Roger Marcoux; [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
Subject: Please DO NOT OPEN emails with subject like: UPS
Tracking Number ######
We apologize for another repeat of this message. However we have
recently had several users contaminate their PCs with the UPS
virus. Again please DO NOT OPEN any emails that appear to come
from United Parcel Service [UPS]. The email contains a trojan
style virus and may require a complete and painful rebuild of your
PC to eliminate. Mcafee details are below.
Up-to-date McAfee VirusScan users with DAT 5348 or higher and
minimum scan engine of 5100 are protected from this threat. To
check your VirusScan version, right click the 'V' shield in your
system tray (lower right hand corner of your display); left click
on 'About VirusScan Enterprise'. The Scan Engine Version and DAT
Version will be listed in the window. If you need any assistance
in updating your McAfee software please contact your local Help Desk.
The virus attachment will have been removed by our Exchange mail
servers before the message reaches your mailbox. But as always,
any e-mail attachments should be handled with caution.
Characteristics -
UPS has issued a warning about a new computer virus circulating as
an attachment to emails purporting to originate from the 'UPS
Packet Service.' The warning is authentic. The virus is real and
is a new variant of Spy-Agent.bw. It can connect to the following
website to communicate stolen data, log actions and receive
instructions:
* blatundalqik.ru
The subject line of the email message that contains the virus will
be in the form of UPS tracking code/number (such as UPS Tracking
Number 9686554756) or something similar.
The bogus Packet Service messages claim a parcel sent by the user
was undeliverable due to an incorrect address. The user is
instructed to open an attachment containing a copy of the invoice.
The attachment on the email message is usually a zipped file that
once opened will deploy braviax.exe and burito.exe on your system.
These two programs will run and continue to download other
dangerous programs to your computer. We have also noticed that the
programs disable antivirus programs that may be installed on the
user's computer. Properly updated antivirus programs prevent this
from happening.
Spy_Agent.bw is a trojan. Unlike viruses, trojans do not
self-replicate. They are spread manually, often under the premise
that they are beneficial or wanted. The most common installation
methods involve system or security exploitation, and unsuspecting
users manually executing unknown programs. Distribution channels
include email, malicious or hacked web pages, Internet Relay Chat
(IRC), peer-to-peer networks, etc.
As a general rule, users should always be wary of opening unknown
file attachments, and maintain up-to-date antivirus protection on
their computers at all times.
Thank you in advance for your cooperation.
This is the alert UPS is sending out about the virus. They have
also posted it on their web site:
Attention Virus Warning
We have become aware there is a fraudulent email being sent that
says it is coming from UPS and leads the reader to believe that a
UPS shipment could not be delivered. The reader is advised to open
an attachment reportedly containing a waybill for the shipment to
be picked up.
This e-mail attachment contains a virus. We recommend that you do
not open the attachment, but delete the email immediately.
UPS may send official notification messages on occasion, but they
rarely include attachments. If you receive a notification message
that includes an attachment and are in doubt about its
authenticity, please contact [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>.
Please note that UPS takes its customer relationships very
seriously, but cannot take responsibility for the unauthorized
actions of third parties.
Thank you for your attention.
------------------------------------------------------------------------
Talk to your Yahoo! Friends via Windows Live Messenger. Find Out
How
<http://www.windowslive.com/explore/messenger?ocid=TXT_TAGLM_WL_messenger_yahoo_082008>
------------------------------------------------------------------------
Get thousands of games on your PC, your mobile phone, and the web with
Windows®. Game with Windows
<http://clk.atdmt.com/MRT/go/108588800/direct/01/>
