UPS virus

Toate mesajele

• 23 iulie 2008 16:28

  Moderator

   

   
  

  0

  Where did you hear about this virus? Please provide a link. I suspect that you received a hoax email.

  http://www.snopes.com/computer/virus/ups.asp

   

  If so, depending on what virus was in the payload, the answer could be yes or no, but it should.

  -steve

   

   
• 23 iulie 2008 16:43

   

   
  

  0

  Long story regarding my shipments with UPS, but I opened an email that I believed to be from UPS. It was not from UPS.

  I cannot tell if my computer is infected so I am running the Live OneCare product..  I do not believe this is a hoax.

   

   
• 23 iulie 2008 17:00

   

   
  

  0

  It's a hoax in the sense that it did not come from UPS, but rather from Russia.  Doing some internet research reveals that Microsoft can detect this as Trojan:Win32/Agent.EE, which is the same Trojan as Panda's detection of Trj/Agent.JEN, or Trend Micro's detection of TROJ_DLOADR.GG.

   
• 23 iulie 2008 17:03

  Moderator

   

   
  

  0

  Thanks, Dave. And AYB1, opening the email would not get your PC infected. Opening the supposed invoice that was attached to the email might get the PC infected, depending on the protections in place when you opened the payload- the attachment.

  -steve

   

   
• 23 iulie 2008 17:23

   

   
  

  0

  Thanks Dave:

   

  I will run Microsoft Live OneCare Virus scan.  Hope this removes the virus because I did try to open the attachment.

   

  Al

   

   
• 23 iulie 2008 17:30

   

   
  

  0

  You bet, but make sure your definitions are current because this was only added back on July 14, and if your really nervous, scan with the online scanners from Panda and Trend... you can't get much safer than that.

  http://housecall65.trendmicro.com/

  http://www.pandasecurity.com/activescan/index/

   
• 23 iulie 2008 22:30

   

   
  

  0
  Microsoft live one care found no virus after running several hours.

  Twenty minutes later a window popped up and asked me if I wanted to clean the found potential virus.

  Trojan Downloader:win32/agent.abc

  Virtool:win nt/Xantvi.a

   

  Took all day to find the problem.  Hopefully it is all working correctly.

   

  Thanks again,

   

  Al

   

   
• 24 iulie 2008 10:38

   

   
  

  0

  The new variant is hard to detect.

  There are just 5 AV detecting it and so far this is the only way to remove the UPS virus. Follow the given link and do as instructed to fix UPS virus.
  http://support.bicester-computers.com/showthread.php?t=18

   

   
• 24 iulie 2008 12:34

  Moderator

   

   
  

  0

  I just want to clarify, it is not the "UPS virus." The reference to UPS is simply because the malware is delivered via an email purported to be from UPS with an attachment. As noted in the information above, UPS never sends attachments in email for delivery notices via email.

  Furthermore, before anyone chases an infection from this or any other malware, please remember that this forum is for OneCare discussions, not general virus removal help.

  If you are using Windows Live OneCare and you have been infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

  How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

   

  If  you are not using Windows Live OneCare, you are off topic for this forum. This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here: 

  http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.

  If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.

   

  -steve

   
• 24 iulie 2008 17:14

   

   
  

  0

  Live OneCare does not remove this virus.  It goes through the removal process.  But, the virus shows up on the next reboot.  The internet shows several other options for removal of this virus.  I really don't want to spend any more money on AV software since OneCare should be able to do it.  How long will it be before a solution is available?  Should I buy another program to fix this problem?

   
• 24 iulie 2008 17:27

  Moderator

   

   
  

  0

  There is no UPS Virus. There are several variants of the Trojan payload that you were tricked into opening in the scam email sent to you.

  I've merged your post into the thread where this has already been discussed.

  If you are using Windows Live OneCare and you have been infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

  How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

   

  If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

   

  -steve

   
• 25 iulie 2008 08:51

   

   
  

  0

   

  Hello all, I have had half a dozen machines hit by this virus on small office networks.  Does anyone know will this virus spread throughout the network from the PC that has been initially infected?  The only way I can see to get rid of the virus is to wipe and reload the machine although I have had success with a system restore on one PC but the other PC's cannot run a restore successfully as some PC's cant for other reasons.

   

  Any ideas would be appreciated...  I am more curious as to whether the virus will spread.  Thanks.

   

   

   
• 25 iulie 2008 12:32

  Moderator

   

   
  

  0

  The virus in contracted by the user opening the attachment in the email. Since the payload in the scam email is now a number of variants of the Trojan, I can't tell you if it can spread within the network in any other way.

  However, please note the following:

  If you are using Windows Live OneCare and you have been infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

  How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

   

  If  you are not using Windows Live OneCare, you are off topic for this forum. This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here: 

  http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.

  If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.

   

  -steve
   
• 28 iulie 2008 18:03

   

   
  

  0

  Al,

   

  How did you find it?  I am having no luck so far.

   

  Thanks!

   

  Bob Moore

   

   
• 15 august 2008 15:50

   

   
  

  0

  I don't mean to be rude Stephen...but you are incorrect.  Many security providers are calling this the "ups virus" even though you are right, it's really a trojan.

   

  Try calling mcafee and asking them about the "UPS virus", it's real and it's been out since at least July 15th.

   
• 15 august 2008 15:58

  Moderator

   

   
  

  0

  You are not rude at all. :-) I *was* incorrect in my initial reply.

  -steve