Re: Fwd: FW: Fw: Fw: virus alert

[Guest guest]

HOAX:

http://www.symantec.com/avcenter/venc/data/upgrade.internet.2.hoax.html

----- Original Message ----- > >

> >

> > > > > PLEASE, SEND THIS INFORMATION TO EVERY PERSON IN

> > > > > YOUR ADDRESS BOOK. IF YOU RECEIVE AN E-MAIL THAT

> > > > READS " UPGRADE INTERNET2 " DO NOT OPEN IT, AS IT

> > > > CONTAINS AN EXECUTABLE NAMED " PERRIN.EXE. " IT WILL

> > > > > ERASE ALL THE DATA IN YOUR HARD DRIVE AND IT WILL

> > > > STAY IN MEMORY. EVERY TIME THAT YOU UPLOAD ANY DATA,

> > > > > IT WILL BE AUTOMATICALLY ERASED AND YOU WILL NOT BE

> > > > > ABLE TO USE YOUR COMPUTER AGAIN.

[Guest guest]

Oh brother, here we go again...but unlike most of the virus warnings

going around, this one is not completely phony, nor is it completely

true.

On Mon, 27 Nov 2000 09:04:57 -0600 " ANGELA REYNOLDS "

writes:

> PLEASE, SEND THIS INFORMATION TO EVERY PERSON IN

> YOUR ADDRESS BOOK.

This is the first clue that it is bad information.

> IF YOU RECEIVE AN E-MAIL THAT

> READS " UPGRADE INTERNET2 " DO NOT OPEN IT, AS IT

> CONTAINS AN EXECUTABLE NAMED " PERRIN.EXE. " IT WILL

> ERASE ALL THE DATA IN YOUR HARD DRIVE AND IT WILL

> STAY IN MEMORY. EVERY TIME THAT YOU UPLOAD ANY DATA,

> IT WILL BE AUTOMATICALLY ERASED AND YOU WILL NOT BE

> ABLE TO USE YOUR COMPUTER AGAIN.

I have not heard of this particular executable. This may or may not be

true.

Of course you mac users don't have to worry...

> THIS INFORMATION WAS PUBLISHED YESTERDAY IN THE CNN

> WEB SITE. THIS IS A VERY DANGEROUS VIRUS.

I have been to the CNN website and can find no mention of it. Might you

be able to clue me into where it is? A specific URL would be nice, such

as http://www.cnn.com/?????

>TO THIS DATE, THERE IS NO KNOWN ANTIVIRUS PROGRAM FOR THIS

>PARTICULAR VIRUS.

I find that hard to believe.

> PLEASE, FORWARD THIS INFORMATION TO

>YOUR FRIENDS, SO THAT THEY WILL BE ON THE ALERT.

Consider me warned.

> ALSO CHECK THE LIST BELOW, SENT BY IBM, WITH THE NAMES OF

>SOME E-MAILS THAT, IF RECEIVED, SHOULD NOT BE OPENED

>AND MUST BE DELETED IMMEDIATELY, BECAUSE THEY CONTAIN

>ATTACHED VIRUSES. THIS WAY YOUR COMPUTER WILL BE

>SAFE.

Most E-Mail programs (in fact all that I have used) open the E-Mail

automatically. Opening the attachment is another story altogether, and

you should not open an attachment unless you know what it is and who it's

from.

Also, I have checked out the IBM website and I haven't found this list

mentioned there either. I sure would like the URL if you have it.

> THE TITLES ARE:

Here is the truth:

> 1) buddylst.exe

> 2) calcu18r.exe

> 3) deathpr.exe

> 4) einstein.exe

> 5) happ.exe

> 6) girls.exe

I have not heard of these in particular. Probably best to delete them

and do not open them.

> 7) happy99.exe

This is a type of a program called a Trojan. I keep it on my system to

demonstrate it for people, to show them how it looks, what it does, and

how to remove it.

It is called a Trojan because, like the Trojan horse, it comes as a

" gift " , but has an evil action. It WILL NOT erase your hard drive, cause

your monitor to explode, cause your telephone to catch on fire, etc.

What it WILL do is (unknown to you) it will replace your Windows Socket

file (an interface between Windows and the Internet) with one of its own,

and it will make a copy of happy99.exe, rename it, and using its own

socket file, will send a copy of itself to anyone you send E-Mail to.

Then they get it, see it's from you, open it, it infects their machine,

then all of their friends get it, etc...it's a gift that keeps on giving

(an unwelcome gift!) It is also simple to remove (but you have to go

into the windows folder, delete and rename files, so it's not something I

recomend opening unless you are computer literate).

> 8) japanese.exe

> 9) keypress.exe

> 10) kitty.exe

> 11) monday.exe

> 12) teletubb.exe

> 13) The Phantom Menace

I am also not familiar with these, but again I recomend not opening

anything that you're not sure of.

> 14) prettypark.exe

This one has been well publicised. This is a very nasty Trojan - DO NOT

OPEN IT!

> 15) UP-GRADE INTERNET2

> 16) perrin.exe

Discussed above

> 17) I love You

This is a Microsoft Word macro virus. A macro is a set of commands (a

script), and it requires Windows Scripting Host to be enabled for it to

do its dirty work. The same is true of .

> 18) CELCOM Screen Saver or CELSAVER.EXE

This one has been contriversial, some say it is dangerous, some say it is

just useless. I have never seen it myself, so I haven't had a chance to

try it. Just the same I recomend deleting it.

> 20) JOIN THE CREW O PENPALS

This is an urban legend that has been going around for years. the

warning E-mail goes something to the effect of " If you recieve an E-Mail

entitled " Join The Crew " , do not open it! " There have been a number of

variations of this letter. Keep a few things in mind:

E-Mail itself is not harmful. Opening attachments can be.

I have seen warnings that say a particular virus will damage both Macs

and PCs - this is not true! A Mac virus (which there are very few of

anyway) will do nothing to a PC, and a PC virus will do nothing to a Mac

- they are simply incompatable

> ONCE AGAIN, DO NOT OPEN THESE E-MAILS AND PASS THIS

> INFORMATION ON TO YOUR FRIENDS

Huggy Bear

Keep the information coming!

________________________________________________________________

GET INTERNET ACCESS FROM JUNO!

Juno offers FREE or PREMIUM Internet access for less!

Join Juno today! For your FREE software, visit:

http://dl.www.juno.com/get/tagj.