WARNING UPS email virus....

Dr_Frank · ‎07-21-2008

Got an email from address aigc at brain-crash dot com reference a ups tracking number. It stated that they could not deliver a package I sent because the address was wrong. They asked me to open an attachment to view the invoice. I was immediately skeptical, as all other UPS emails come from a UPS address and have all the information right in the body of the message. the attachment was a zip file. I immediately checked online and found out that this message contains a virus that if opened will open your pc up to a Russian rootkit and replace system files. This is the website that gave me that information.... http://www.hoax-slayer.com/ups-malware.shtml. I hope this saves some of you the hassle....

Tech0utsider · ‎07-29-2008

Did Norton detect the rootkit?

And run a Full System Scan w/ Norton using the latest definitions, just in case.

And here is the Symantec report for Trojan/Jen.

http://www.symantec.com/security_response/writeup.jsp?docid=2008-071517-2718-99

Message Edited by Tech0utsider on 11-15-2008 11:53 PM

=\

Stu · ‎04-08-2008

Please try to safe the file, zip it and than send it to Symantec

Malware Submission

"All that we are is the result of what we have thought"

Floating_Red · ‎05-30-2008

As Tech suggested, please do a Full Sysytem Scan in Safe Mode with Updated Virus Definitions.

If Norton does not catch anything, you may want to install Malwarebytes' Anti-Malware. Please make sure you Update the Product before doing a Full Scan in Safe Mode (check all the boxes).

Malwarebytes' Anti-Malware: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html.

Instructions to Start your Computer in Safe Mode: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_n....

Tuesday, May 14, 2013: The Symantec THREATCON was Changed to Level 2: Elevated - Microsoft "Patch Tuesday" | Sunday, May 05, 2013: Microsoft Internet Explorer 8 Zero-Day Vulnerability (Update Released)

Tech0utsider · ‎07-29-2008

Yes, and if you still have the e-mail, please foward it to me.

What e-mail provider do you use (Yahoo, Hotmail, etc.)? Many use Symantec to scan their e-mail....

Please look for the letter in the upper right corner of your screen. It should be gold. Click on it and you will see my message containing my e-mail.

=\

Dr_Frank · ‎07-21-2008

No, Norton did not detect it, because I did not open the attachment. I think you have to open the attachment for it to work, right? I just marked it as SPAM and deleted it. I should have thought to submit it.

NY1986 · ‎06-27-2008

Having been super worried about infections and all, I have since come to feel very safe with Norton. So does the Norton layers of security stop this?

Tech0utsider · ‎07-29-2008

Yes.

=\

Stu · ‎04-08-2008

Dr_Frank wrote:
No, Norton did not detect it, because I did not open the attachment. I think you have to open the attachment for it to work, right? I just marked it as SPAM and deleted it. I should have thought to submit it.

It's ok to delete files you are not sure about. Although it wouldhave been easy to submit.

"All that we are is the result of what we have thought"