Full Version: This has to be a virus
Gsurface
Check this out, just got it from support@microsoft.com, lol! Subject is screensaver. It must be a new virus cause virus scanners on the Hotmail server didn't detect any virus, neither did Norton. I downloaded it, but I'm not opening it, lol!
Bladewraith
That is weird........looks like it's just extra info of the email though...not a virus........but I still wouldn't take any chances
BlueScreenOfDeath
ya don't open it.
Matt
Whatever happened to the good old "I Love You" viruses where you didn't have to guess if something was a virus?
BlueScreenOfDeath
they turned into "Hot pics of Anna" lol and Melissa ..oh how I miss her lol
jony265
send it to me, I'll open it....it's been almost 3 weeks, I'm ready for a format anyway
benwalburg
lol yeah kinda weird the file size also....
(69k)
beta-guy
Since it's a pif file, I'm expecting it to utilize a system DOS command like format, possibly with the correct command-line switches to start formatting, but that wouldn't explain how it sent you this e-mail from MS. Have you tried opening it up with Resource Hacker? Although it only opens win32 applications, if this pif file is really a win32 EXE file just renamed, you should be able to see something there.
Gsurface
Anyone can just use Ghost mail to forge the From header of an email and send it through any SMTP server. Now that part there that says From: Home (81.....), there you can tell that it wasn't sent in by MS, if not it would have said so.
benwalburg
They used Outlook Express 6 too, lol, no Outlook?
Gsurface
Opening it with a hex editor, I get the following pic. Looks like it's trying to call some system DLLs, especially wsock32.dll, which "Contains the Windows Sockets API used by most internet and network applications to handle network connections". Definitely looks like some worm suspect.
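The two checks discussed in the posts above (whether the .pif is really a renamed Win32 executable, and which DLL names show up in its bytes) can be done without opening the file. This is an added Python example, not part of the original thread; the file names, the sample bytes and the two extra DLL names are assumptions made for illustration.

```python
import re
import struct

# Extensions under which a PE image is expected; anything else holding one is a mismatch.
PE_EXTENSIONS = {".exe", ".dll", ".scr", ".sys"}
# DLL names suggesting network use (wsock32.dll is the one named in the thread;
# the other two are assumptions added for this example).
NETWORK_DLLS = {"wsock32.dll", "ws2_32.dll", "wininet.dll"}

def is_pe(data):
    """True if data has a DOS 'MZ' header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def dll_names(data):
    """Lower-cased ASCII strings ending in .dll, as a hex editor view would show them."""
    found = re.findall(rb"[A-Za-z0-9_-]{1,32}\.dll", data, re.IGNORECASE)
    return {name.decode("ascii").lower() for name in found}

def triage(filename, data):
    """Report extension/content mismatch and network DLL names without running the file."""
    dot = filename.rfind(".")
    ext = filename[dot:].lower() if dot != -1 else ""
    pe = is_pe(data)
    dlls = dll_names(data) if pe else set()
    return {
        "extension": ext,
        "is_pe": pe,
        "renamed_executable": pe and ext not in PE_EXTENSIONS,
        "network_dlls": sorted(dlls & NETWORK_DLLS),
    }

def build_sample():
    """Constructed stand-in, not the real attachment: MZ stub, PE signature, two DLL names."""
    stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew lives at 0x3C
    return stub + b"PE\x00\x00" + b"\x00" * 20 + b"KERNEL32.dll\x00WSOCK32.dll\x00"

if __name__ == "__main__":
    print(triage("attachment.pif", build_sample()))        # constructed file name
    print(triage("notes.pif", b"plain text, not a program"))
```

A string scan like this only shows names present in the bytes; a packed or encrypted executable can hide its imports, so an empty `network_dlls` list is not evidence that the file is harmless.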
ToFu
Weird that Norton doesn't pick it up if it is indeed a worm....just download all the updates, if it still is not detected post on the Norton forum (if they have one) about the file.
jony265
did u check it w/ a trojan scanner or is that not a possibility?
beta-guy
Norton has SARC, that's all I know. As for the trojan scanner, I'd have to say that if Norton can't pick this up then this is too new for any trojan scanner to pick up on.
BlueScreenOfDeath
there's a program called Trojan Remover ..download it and see.
One of the Twelve
Could you please send me that "screensaver"? When you have the filesystem realtime protection on, the antivirus eliminates the application when it's about to be executed. Which means you can have multiple trojans & viruses "asleep" on your hdd, but when you try to open one of them, it will be deleted, or access to the file denied (this is how Symantec & Norton behave).
MemoryDump
Check here: http://www.flexbeta.net/main/comments.php?...catid=1&id=2722
Gsurface
That explains it, thanx Dave
benwalburg
http://www.theregister.com/content/56/30751.html take that!
Gsurface
Man this thing has spread extremely fast, I even got one on my flexbeta email account. And still Hotmail servers aren't identifying this as a worm.
benwalburg
lol just received my first hotmail one...looking for it on other accounts...
sl_genius
I use spybots 1.2 and it works great to remove all the "junk" plus trojan remover and norton to clean the viruses.
*sigh* the things you have to do to protect your computer and data nowadays.
Mictlantecuhtli
As usual Mac and Linux users are immune from infection.

ToFu
email em back....hehe
nvyseal4u
QUOTE(BlueScreenOfDeath @ May 18 2003, 09:19 PM)
there's a program called Trojan Remover ..download it and see.

Sounds like my GF, she's been wanting to have a baby!
ToFu
sorry for blank post, I had to test uploading a picture
digger329
It's a worm, here's the info.

A new worm that pretends to be an e-mail from Microsoft's technical support was quickly spreading on the Internet Monday, antivirus vendors said.

Dubbed Palyh, the mass-mailing worm can arrive as an e-mail from support@microsoft.com and comes with various subject lines, messages and file attachments.

When the file is executed, the worm uses the victim system's e-mail address book to spread, searches for HTML pages and text documents for other addresses, and also appears to spread via file shares, according to MessageLabs, a provider of managed e-mail security services.

MessageLabs said it intercepted more than 35,000 copies of Palyh in 89 countries, with a majority reported in the U.K. The company expected the worm to hit the United States hard Monday as people came to work.

Due to an increased number of submissions, Symantec upgraded the worm from a category two to a category three rating, with five being the most serious. Symantec said it received reports of the worm from 221 consumers and six businesses.

Systems affected by Palyh include Windows 95, 98, NT, 2000, XP and ME, according to Symantec.

The worm has the ability to install spyware programs on infected systems, Kaspersky Labs said. The author of Palyh, however, included a temporary trigger in the worm so that its routines are active only until May 31, the company said.

I got it too.
digger329
Damn should have read more of the posts.LOOOOOOOOL
benwalburg
QUOTE(digger329 @ May 19 2003, 06:49 PM)
Damn should have read more of the posts.LOOOOOOOOL

dude first, yes you should have read more of the posts, also you could have noticed it's posted on the front page (www.flexbeta.net) under news
And, you also double posted, when you could have 1) Deleted your post with all the info, and/or 2) Edited your last post and changed the info...

Thanks
Sim31
I never got this e-mail, oh well
Gsurface
QUOTE(Sim31 @ May 20 2003, 01:30 AM)
I never got this e-mail, oh well

Do you want me to send to you from support@flexbeta.net??
digger329
QUOTE(benwalburg @ May 19 2003, 07:14 PM)
QUOTE(digger329 @ May 19 2003, 06:49 PM)
Damn should have read more of the posts.LOOOOOOOOL

dude first, yes you should have read more of the posts, also you could have noticed it's posted on the front page (www.flexbeta.net) under news
And, you also double posted, when you could have 1) Deleted your post with all the info, and/or 2) Edited your last post and changed the info...

Thanks

WAAAA Shoot me I made a mistake Whoopy doo. I'm not perfect like you.
BlueScreenOfDeath
ben be easy on him ... digger ur forgiven
souldreamer
Received it today.
bizketman101
QUOTE(benwalburg @ May 20 2003, 01:14 AM)
QUOTE(digger329 @ May 19 2003, 06:49 PM)
Damn should have read more of the posts.LOOOOOOOOL

dude first, yes you should have read more of the posts, also you could have noticed it's posted on the front page (www.flexbeta.net) under news
And, you also double posted, when you could have 1) Deleted your post with all the info, and/or 2) Edited your last post and changed the info...

Thanks

ben, ya don't need to worry about being mod
BlueScreenOfDeath
lol ya i got the place covered lol