Re: VIRUS ALERT

[Sam Suklis]

...Alas, Bob, it is another one of those hoaxes. (lost count of how many
I've taken for real before I started going to the Symantek page to check
first)

Go here to read about it:

http://www.symantec.com/avcenter/venc/data/life.is.beautiful.hoax.html

Regards, Sam Suklis
SS

> > > > >Subject: PLEASE READ > > >Dear all > > >Please be aware of this: >
> >This information arrived this morning, from Microsoft and Norton. Please
> > >send it to everybody you know who accesses the Internet. You may

receive > > >an email with a PowerPoint presentation called "Life is
beautiful.pps." > > >If you receive it DO NOT OPEN THE FILE UNDER ANY
CIRCUMSTANCES, and >delete > > >it immediately. If you open this file, a
message will appear on your > > screen > > >saying: "It is too late now,
your life is no longer beautiful", > > >subsequently you will LOSE
EVERYTHING IN YOUR PC and the person who sent > > it > > >to you will gain
access to your name, email and password. This is a new > > >virus which
started to circulate on Saturday 11 May, 2002. > > >WE NEED TO DO EVERYTHING
POSSIBLE TO STOP THIS VIRUS. AOL has already > > >confirmed its
dangerousness, and the antivirus Softs are not capable of > > >destroying
it. The virus has been created by a hacker who calls himself > > >"life
owner", and who aims to destroying PCs and who also fights >Microsoft > >

>in court! That's why it comes disguised > > >with extension pps. He fights

in court for the Windows-XP patent.

> >
> > This one could be genuine...Bob
> >
>
>
> [Non-text portions of this message have been removed]
>
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>
>

[Chip Old]

It's a hoax. See:

http://www.F-Secure.com/hoaxes/lifepps.shtml
http://vil.mcafee.com/dispVirus.asp?virus_k=99307
http://securityresponse.symantec.com/avcenter/venc/data/life.is.beautiful.hoax.html

If you receive a "virus warning" by e-mail, PLEASE check it out on one of
the well-known antivirus Web sites before naively forwarding it to others.

On Sat, 1 Jun 2002, R.F.Butson wrote to MG TABC:

> ----- Original Message -----
> From: Christine
> To: Undisclosed-Recipient:@mail01.onetel.net.uk;
> Sent: Saturday, June 01, 2002 12:19 AM
> Subject: Fw: Virus Alert
>
> Subject: Re: Virus Alert
>
> please take notice of this
>
> >From: laura bird To: jane wheeler , Paul Wheeler , Leigh , Melanie ,
> >Lee Prendigast , Jamie , charlotte , Donna , Lasalle Fields , Alex
> >Fyffe , Emma-louise Bird , John Bird , sahra bird Subject: Virus Alert
> >Date: Thu, 30 May 2002 21:25:43 +0100 (BST)
> >
> > > > >Subject: PLEASE READ > > >Dear all > > >Please be aware of this:
> > > > >> > >This information arrived this morning, from Microsoft and
> > > > >Norton. Please > > >send it to everybody you know who accesses
> > > > >the Internet. You may receive > > >an email with a PowerPoint
> > > > >presentation called "Life is beautiful.pps." > > >If you receive
> > > > >it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES, and >delete > >
> > > > >>it immediately. If you open this file, a message will appear on
> > > > >your > > screen > > >saying: "It is too late now, your life is no
> > > > >longer beautiful", > > >subsequently you will LOSE EVERYTHING IN
> > > > >YOUR PC and the person who sent > > it > > >to you will gain
> > > > >access to your name, email and password. This is a new > > >virus
> > > > >which started to circulate on Saturday 11 May, 2002. > > >WE NEED
> > > > >TO DO EVERYTHING POSSIBLE TO STOP THIS VIRUS. AOL has already > >
> > > > >>confirmed its dangerousness, and the antivirus Softs are not
> > > > >capable of > > >destroying it. The virus has been created by a
> > > > >hacker who calls himself > > >"life owner", and who aims to
> > > > >destroying PCs and who also fights >Microsoft > > >in court!
> > > > >That's why it comes disguised > > >with extension pps. He fights
> > > > >in court for the Windows-XP patent.
> >
> > This one could be genuine...Bob

--
Chip Old (Francis E. Old) E-Mail: fold@bcpl.net
Manager, BCPL Network Services Phone: 410-887-6180
Manager, BCPL.NET Internet Services FAX: 410-887-2091
Baltimore County Public Library
320 York Road
Towson, MD 21204 USA

[Larry Pate]

Dear Friends,

Some of you may have received the same bizarre e-mail message that I
received (see below) from "Bentley Lodge Goulburn "
regarding the booking of a TC for some "Classic Experience" package. The
message probably would have been sent to you directly, as mine was, not
through mg-tabc@yahoogroups.com. If so, and if you find it contains an
attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
received contained a .scr file that was infected with a virus. I do not
know the sender, have never communicated with them, have never even heard of
this service they say they are offering, and my name isn't "Lesley," the
person the message was purportedly directed to. The business may be
legitimate; it may not be. However, the important point is that the message
may contain an executable or filtered attachment that, if opened, could
corrupt your computer and cause you to unknowingly infect others with the
virus. The sender may not even be aware of the virus, particularly if it is
one of the more nasty viruses, like KLEZ or MAGISTR. In any case, I wanted
to alert all of you to the potential problem since it is reasonable to have
come from someone associated with this list. I have pasted the message
below with full header information (without the attachment, of course) for
those who have more computer knowledge and savy than I have.

Best,

Larry


Return-Path:
Received: from mta04.mail.mel.aone.net.au ([203.2.192.84] verified)
by vel.net (CommuniGate Pro SMTP 4.0.6)
with ESMTP id 15001009 for larry@pate.org; Fri, 06 Jun 2003 00:50:16 -0700
Received: from [210.84.50.250] by mta04.mail.mel.aone.net.au with SMTP
id
;
Fri, 6 Jun 2003 17:49:32 +1000
From: "Bentley Lodge Goulburn"
Subject: Re: InterBed Booking Enquiry for Bentley Lodge
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------N0HBY0980CXR2M"
Message-Id:

Date: Fri, 6 Jun 2003 17:50:03 +1000

Hi Lesley

We have availability for that date. The MGTC is already booked for that
day, so we only have the Mercedex and the Lotus 7 available. Please advise
asap if you require either of these vehicles.

Check in for the "Classic Experience" package is 10:30 am Saturday, using
the vehicle that day, dinner, accommodation overnight and breakfast the
following morning. Check out is at 10:00 am Sunday.

Please advise your requirements.

Regards
liz Knight

----- Original Message -----
F

[ROSS TAYLOR]

'G'day
The Bently Lodge is a ligitimate business in Goulburn here in OZ. They run a
Lodge type set up where you can hire classic cars for runs around the
country. I also recieved the email but threw it in the bin
Regards Ross TC4284

>From: "Larry Pate"
>To:
>CC:
>Subject: [mg-tabc] VIRUS ALERT
>Date: Fri, 6 Jun 2003 16:31:55 -0700
>
>Dear Friends,
>
>Some of you may have received the same bizarre e-mail message that I
>received (see below) from "Bentley Lodge Goulburn "
>regarding the booking of a TC for some "Classic Experience" package. The
>message probably would have been sent to you directly, as mine was, not
>through mg-tabc@yahoogroups.com. If so, and if you find it contains an
>attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
>received contained a .scr file that was infected with a virus. I do not
>know the sender, have never communicated with them, have never even heard
>of
>this service they say they are offering, and my name isn't "Lesley," the
>person the message was purportedly directed to. The business may be
>legitimate; it may not be. However, the important point is that the
>message
>may contain an executable or filtered attachment that, if opened, could
>corrupt your computer and cause you to unknowingly infect others with the
>virus. The sender may not even be aware of the virus, particularly if it
>is
>one of the more nasty viruses, like KLEZ or MAGISTR. In any case, I wanted
>to alert all of you to the potential problem since it is reasonable to have
>come from someone associated with this list. I have pasted the message
>below with full header information (without the attachment, of course) for
>those who have more computer knowledge and savy than I have.
>
>Best,
>
>Larry
>
>
>Return-Path:
>Received: from mta04.mail.mel.aone.net.au ([203.2.192.84] verified)
> by vel.net (CommuniGate Pro SMTP 4.0.6)
> with ESMTP id 15001009 for larry@pate.org; Fri, 06 Jun 2003 00:50:16
>-0700
>Received: from [210.84.50.250] by mta04.mail.mel.aone.net.au with SMTP
> id
>;
> Fri, 6 Jun 2003 17:49:32 +1000
>From: "Bentley Lodge Goulburn"
>Subject: Re: InterBed Booking Enquiry for Bentley Lodge
>MIME-Version: 1.0
>Content-Type: multipart/mixed; boundary="----------N0HBY0980CXR2M"
>Message-Id:
>
>Date: Fri, 6 Jun 2003 17:50:03 +1000
>
>Hi Lesley
>
>We have availability for that date. The MGTC is already booked for that
>day, so we only have the Mercedex and the Lotus 7 available. Please advise
>asap if you require either of these vehicles.
>
>Check in for the "Classic Experience" package is 10:30 am Saturday, using
>the vehicle that day, dinner, accommodation overnight and breakfast the
>following morning. Check out is at 10:00 am Sunday.
>
>Please advise your requirements.
>
>Regards
>liz Knight
>----- Original Message -----
>F
>
>
>
>
>
>Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>

_________________________________________________________________
Hotmail is now available on Australian mobile phones. Go to
http://ninemsn.com.au/mobilecentral/signup.asp

[ssuklis]

Larry:

I got it too.....twice today. You're right. Norton Antivirus says it's the
"Bug bear" virus. Nasty.


Best,

Sam

----- Original Message -----
From: "Larry Pate"
To:
Cc:
Sent: Friday, June 06, 2003 4:31 PM
Subject: [mg-tabc] VIRUS ALERT


> Dear Friends,
>
> Some of you may have received the same bizarre e-mail message that I
> received (see below) from "Bentley Lodge Goulburn "
> regarding the booking of a TC for some "Classic Experience" package. The
> message probably would have been sent to you directly, as mine was, not
> through mg-tabc@yahoogroups.com. If so, and if you find it contains an
> attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
> received contained a .scr file that was infected with a virus. I do not
> know the sender, have never communicated with them, have never even heard
of
> this service they say they are offering, and my name isn't "Lesley," the
> person the message was purportedly directed to. The business may be
> legitimate; it may not be. However, the important point is that the
message
> may contain an executable or filtered attachment that, if opened, could
> corrupt your computer and cause you to unknowingly infect others with the
> virus. The sender may not even be aware of the virus, particularly if it
is
> one of the more nasty viruses, like KLEZ or MAGISTR. In any case, I
wanted
> to alert all of you to the potential problem since it is reasonable to
have
> come from someone associated with this list. I have pasted the message
> below with full header information (without the attachment, of course) for
> those who have more computer knowledge and savy than I have.
>
> Best,
>
> Larry
>
>
> Return-Path:
> Received: from mta04.mail.mel.aone.net.au ([203.2.192.84] verified)
> by vel.net (CommuniGate Pro SMTP 4.0.6)
> with ESMTP id 15001009 for larry@pate.org; Fri, 06 Jun 2003
00:50:16 -0700
> Received: from [210.84.50.250] by mta04.mail.mel.aone.net.au with SMTP
> id
> ;
> Fri, 6 Jun 2003 17:49:32 +1000
> From: "Bentley Lodge Goulburn"
> Subject: Re: InterBed Booking Enquiry for Bentley Lodge
> MIME-Version: 1.0
> Content-Type: multipart/mixed; boundary="----------N0HBY0980CXR2M"
> Message-Id:
>
> Date: Fri, 6 Jun 2003 17:50:03 +1000
>
> Hi Lesley
>
> We have availability for that date. The MGTC is already booked for that
> day, so we only have the Mercedex and the Lotus 7 available. Please
advise
> asap if you require either of these vehicles.
>
> Check in for the "Classic Experience" package is 10:30 am Saturday, using
> the vehicle that day, dinner, accommodation overnight and breakfast the
> following morning. Check out is at 10:00 am Sunday.
>
> Please advise your requirements.
>
> Regards
> liz Knight
> ----- Original Message -----
> F
>
>
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>

[Larry Pate]

To: Liz Knight, Bentley Lodge Goulburn, mg-tabc@yahoo.com list members

You may be unaware that I and several other people on the mg-tabc@yahoo.com
mailing list (and perhaps others too) inadvertently received a message you
sent today to "Lesley" as a result of a computer virus that has apparently
infected your system just in the last two days. Please see correspondence
below. One of the people on the list has identified the virus you sent as
the "Bug Bear" virus. I checked Symantec Security Response's web site and
learned that the new W32.Bugbear.B@mm worm was first discovered on 4 June
2003, just two days ago. Information on this virus is available at the
following site:

http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.htm
l


Symantec says the new W32.Bugbear.B@mm worm is:

"A variant of W32.Bugbear@mm.
A mass-mailing worm that also spreads through network shares.
Polymorphic and also infects a select list of executable files.
Possesses keystroke-logging and Backdoor capabilities.
Attempts to terminate the processes of various antivirus and firewall
programs."

"The worm uses the Incorrect MIME Header Can Cause IE to Execute E-mail
Attachment (see
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS01-020.asp) vulnerability to cause unpatched systems to
auto-execute the worm when reading or previewing an infected message."

"Because the worm does not properly handle the network resource types, it
may flood shared printer resources, which causes them to print garbage or
disrupt their normal functionality."

"Symantec Security Response has created a tool
(http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.re
moval.tool.html) to remove W32.Bugbear.B@mm, which is the easiest way to
remove this threat."

Therefore,
PLEASE TURN OFF YOUR COMPUTER AND HAVE IT THOROUGHLY CHECKED BEFORE YOU SEND
ANY MORE MESSAGES. YOU COULD BE TRANSMITTING VERY PERSONAL AND PRIVATE
INFORMATION TO UNKNOWN SOURCES. YOU COULD ALSO BE SPREADING THE VIRUS TO
OTHERS IF THEY OPEN THE ATTACHMENT SENT AS A RESULT OF THE VIRUS.

Finally, on a personal note, I once had a computer that was infected with
the equally nasty MAGISTR virus and it was a nightmare for me when I learned
of the sensitive information that the virus was causing to be sent without
my knowledge to random names in my address book.

Good luck!


Larry Pate



-----Original Message-----
From: ssuklis [mailto:ssp15@attbi.com]
Sent: Friday, June 06, 2003 5:07 PM
To: mg-tabc@yahoogroups.com; Larry Pate
Cc: Richard.F.Lange@Boeing.com
Subject: Re: [mg-tabc] VIRUS ALERT

Larry:

I got it too.....twice today. You're right. Norton Antivirus says it's the
"Bug bear" virus. Nasty.

Best,

Sam


-----Original Message-----
From: Larry Pate [mailto:larry@pate.org]
Sent: Friday, June 06, 2003 4:32 PM
To: mg-tabc@yahoogroups.com
Cc: Richard.F.Lange@Boeing.com
Subject: [mg-tabc] VIRUS ALERT

Dear Friends,

Some of you may have received the same bizarre e-mail message that I
received (see below) from "Bentley Lodge Goulburn "
regarding the booking of a TC for some "Classic Experience" package. The
message probably would have been sent to you directly, as mine was, not
through mg-tabc@yahoogroups.com. If so, and if you find it contains an
attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
received contained a .scr file that was infected with a virus. I do not
know the sender, have never communicated with them, have never even heard of
this service they say they are offering, and my name isn't "Lesley," the
person the message was purportedly directed to. The business may be
legitimate; it may not be. However, the important point is that the message
may contain an executable or filtered attachment that, if opened, could
corrupt your computer and cause you to unknowingly infect others with the
virus. The sender may not even be aware of the virus, particularly if it is
one of the more nasty viruses, like KLEZ or MAGISTR. In any case, I wanted
to alert all of you to the potential problem since it is reasonable to have
come from someone associated with this list. I have pasted the message
below with full header information (without the attachment, of course) for
those who have more computer knowledge and savy than I have.

Best,

Larry


Return-Path:
Received: from mta04.mail.mel.aone.net.au ([203.2.192.84] verified)
by vel.net (CommuniGate Pro SMTP 4.0.6)
with ESMTP id 15001009 for larry@pate.org; Fri, 06 Jun 2003 00:50:16 -0700
Received: from [210.84.50.250] by mta04.mail.mel.aone.net.au with SMTP
id
;
Fri, 6 Jun 2003 17:49:32 +1000
From: "Bentley Lodge Goulburn"
Subject: Re: InterBed Booking Enquiry for Bentley Lodge
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------N0HBY0980CXR2M"
Message-Id:

Date: Fri, 6 Jun 2003 17:50:03 +1000

Hi Lesley

We have availability for that date. The MGTC is already booked for that
day, so we only have the Mercedex and the Lotus 7 available. Please advise
asap if you require either of these vehicles.

Check in for the "Classic Experience" package is 10:30 am Saturday, using
the vehicle that day, dinner, accommodation overnight and breakfast the
following morning. Check out is at 10:00 am Sunday.

Please advise your requirements.

Regards
liz Knight

----- Original Message -----
F

[Larry Pate]

Ross or others in OZ,

Help! Do any of you have a correct e-mail address for Liz Knight or Bentley
Lodge Goulburn. My reply to goscory@smh.com.au, the e-mail address given in
the original message, was returned as "Undeliverable: User Unknown." If you
do, please forward this correspondence directly to them. Thanks!

Apologies to those on this list who are unaffected, who didn't receive the
original message or the virus, who don't care, or who are irritated at the
bandwidth this correspondence is using. I hope you all know I am just
trying to be helpful by alerting everyone of a potential awful problem.
Thanks to all of you for your patience and understanding.

Larry


-----Original Message-----
From: Larry Pate [mailto:larry@pate.org]
Sent: Friday, June 06, 2003 5:59 PM
To: goscory@smh.com.au; Mg-Tabc@Yahoogroups.Com
Subject: FW: [mg-tabc] VIRUS ALERT


To: Liz Knight, Bentley Lodge Goulburn, mg-tabc@yahoo.com list members

You may be unaware that I and several other people on the mg-tabc@yahoo.com
mailing list (and perhaps others too) inadvertently received a message you
sent today to "Lesley" as a result of a computer virus that has apparently
infected your system just in the last two days. Please see correspondence
below. One of the people on the list has identified the virus you sent as
the "Bug Bear" virus. I checked Symantec Security Response's web site and
learned that the new W32.Bugbear.B@mm worm was first discovered on 4 June
2003, just two days ago. Information on this virus is available at the
following site:

http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.htm
l


Symantec says the new W32.Bugbear.B@mm worm is:

"A variant of W32.Bugbear@mm.
A mass-mailing worm that also spreads through network shares.
Polymorphic and also infects a select list of executable files.
Possesses keystroke-logging and Backdoor capabilities.
Attempts to terminate the processes of various antivirus and firewall
programs."

"The worm uses the Incorrect MIME Header Can Cause IE to Execute E-mail
Attachment (see
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS01-020.asp) vulnerability to cause unpatched systems to
auto-execute the worm when reading or previewing an infected message."

"Because the worm does not properly handle the network resource types, it
may flood shared printer resources, which causes them to print garbage or
disrupt their normal functionality."

"Symantec Security Response has created a tool
(http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.re
moval.tool.html) to remove W32.Bugbear.B@mm, which is the easiest way to
remove this threat."

Therefore,
PLEASE TURN OFF YOUR COMPUTER AND HAVE IT THOROUGHLY CHECKED BEFORE YOU SEND
ANY MORE MESSAGES. YOU COULD BE TRANSMITTING VERY PERSONAL AND PRIVATE
INFORMATION TO UNKNOWN SOURCES. YOU COULD ALSO BE SPREADING THE VIRUS TO
OTHERS IF THEY OPEN THE ATTACHMENT SENT AS A RESULT OF THE VIRUS.

Finally, on a personal note, I once had a computer that was infected with
the equally nasty MAGISTR virus and it was a nightmare for me when I learned
of the sensitive information that the virus was causing to be sent without
my knowledge to random names in my address book.

Good luck!


Larry Pate



-----Original Message-----
From: ssuklis [mailto:ssp15@attbi.com]
Sent: Friday, June 06, 2003 5:07 PM
To: mg-tabc@yahoogroups.com; Larry Pate
Cc: Richard.F.Lange@Boeing.com
Subject: Re: [mg-tabc] VIRUS ALERT

Larry:

I got it too.....twice today. You're right. Norton Antivirus says it's the
"Bug bear" virus. Nasty.

Best,

Sam


-----Original Message-----
From: Larry Pate [mailto:larry@pate.org]
Sent: Friday, June 06, 2003 4:32 PM
To: mg-tabc@yahoogroups.com
Cc: Richard.F.Lange@Boeing.com
Subject: [mg-tabc] VIRUS ALERT

Dear Friends,

Some of you may have received the same bizarre e-mail message that I
received (see below) from "Bentley Lodge Goulburn "
regarding the booking of a TC for some "Classic Experience" package. The
message probably would have been sent to you directly, as mine was, not
through mg-tabc@yahoogroups.com. If so, and if you find it contains an
attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
received contained a .scr file that was infected with a virus. I do not
know the sender, have never communicated with them, have never even heard of
this service they say they are offering, and my name isn't "Lesley," the
person the message was purportedly directed to. The business may be
legitimate; it may not be. However, the important point is that the message
may contain an executable or filtered attachment that, if opened, could
corrupt your computer and cause you to unknowingly infect others with the
virus. The sender may not even be aware of the virus, particularly if it is
one of the more nasty viruses, like KLEZ or MAGISTR. In any case, I wanted
to alert all of you to the potential problem since it is reasonable to have
come from someone associated with this list. I have pasted the message
below with full header information (without the attachment, of course) for
those who have more computer knowledge and savy than I have.

Best,

Larry


Return-Path:
Received: from mta04.mail.mel.aone.net.au ([203.2.192.84] verified)
by vel.net (CommuniGate Pro SMTP 4.0.6)
with ESMTP id 15001009 for larry@pate.org; Fri, 06 Jun 2003 00:50:16 -0700
Received: from [210.84.50.250] by mta04.mail.mel.aone.net.au with SMTP
id
;
Fri, 6 Jun 2003 17:49:32 +1000
From: "Bentley Lodge Goulburn"
Subject: Re: InterBed Booking Enquiry for Bentley Lodge
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------N0HBY0980CXR2M"
Message-Id:

Date: Fri, 6 Jun 2003 17:50:03 +1000

Hi Lesley

We have availability for that date. The MGTC is already booked for that
day, so we only have the Mercedex and the Lotus 7 available. Please advise
asap if you require either of these vehicles.

Check in for the "Classic Experience" package is 10:30 am Saturday, using
the vehicle that day, dinner, accommodation overnight and breakfast the
following morning. Check out is at 10:00 am Sunday.

Please advise your requirements.

Regards
liz Knight

----- Original Message -----
F

[Larry Pate]

Hi Mark,

You're welcome. The sad thing about most of these viruses is that often the
person whose computer is affected won't even know the messages are being
sent! The way a "worm" works, as you may know, is to send out random
messages drawn from stored files within the computer. Very sensitive
information a person doesn't want a boss, colleague, wife, ex-wife, or
anyone to see can wind up sent to that person as an attachment. Very nasty.

Since this affects everyone on the MG-TABC list, I'll cc the list. For
anyone who want to know more about computer viruses and what to do if you
think you might be infected by one, see
http://securityresponse.symantec.com SAVE THIS WEB SITE ADDRESS! You may
need it.

Best,

Larry


-----Original Message-----
From: Mark McCombs [mailto:rudge@core.com]
Sent: Friday, June 06, 2003 6:24 PM
To: Larry Pate
Subject: Re: [mg-tabc] VIRUS ALERT

Thanks, Larry.
I am experiencing the same things via our company contact site. The messages
are very specifically related to the industry that we are in, and say
something to entice the opening of the attachment. Some even are "please see
attached purchase order". There are some twisted individuals out there with
alot of time on their hands to be targeting specific interests or
industries...
Regards
Mark TC8126

----- Original Message -----
From: "Larry Pate"
To:
Cc:
Sent: Friday, June 06, 2003 7:31 PM
Subject: [mg-tabc] VIRUS ALERT

> Dear Friends,
>
> Some of you may have received the same bizarre e-mail message that I
> received (see below) from "Bentley Lodge Goulburn "
> regarding the booking of a TC for some "Classic Experience" package. The
> message probably would have been sent to you directly, as mine was, not
> through mg-tabc@yahoogroups.com. If so, and if you find it contains an
> attachment, DO NOT OPEN THE ATTACHMENT. The attachment to the message I
> received contained a .scr file that was infected with a virus.