"emailer.class" "familie.class" "phonbook.class" "is.class" "myname.class" "phone.class"

This was being discussed in another thread, but I hope I'm not breaking protocol by making it it's own topic (newbie signed up as I cannot find much info on these). This is the first time I've slipped up and gotten hit (though I must say it was very cleverly done IMO) and am a bit freaked out.

I got hit with these six Trojans a couple of days ago. I had made a purchase on Amazon, and a couple of days later, in the same exact looking verification e-mail that I've gotten many times before, was a tracking link. I clicked on it, and it did go to the UPS site, yet the number was invalid. When I went to my Amazon account, it said that no tracking number would be given for this item (an audio cable).

Very disturbing, as I knew something was wrong, but how my purchase info was gotten and the same exact e-mail was duplicated boggles my mind. I ran immediately an updated NIS, with no results. Ran one again that evening, again came up clear.

But I then e-mailed a friend of mine (numerous e-mails with this person for a long period of time), and he called me that my e-mails were intercepted in his spam folder. Fortunately, I only use Earthlink's online web mail ....don't even have an e-mail app set up.

Sure enough, the NIS scan then did show these high alert six Trojans. Said it quarantined and deleted them, but I couldn't find hardly any info either. Norton said in the report less than 10 norton users have used these.

Found one other person via a Google search, and his Hotmail account was bomb mailing his contacts. Also found some person whose phone found the same Trojans on some website overseas I think.

Again, these six Trojans:

"emailer.class" "familie.class" "phonbook.class" "is.class" "myname.class" "phone.class"

Wish I knew more about them.

R