LAORLEAN-L Archives

Archiver > LAORLEAN > 2000-11 > 0973531459


From: "Jan Dunham" <>
Subject: Re: [LAORLEAN-L] Fw: Virus Info.-DOESN'T CONTAIN A VIRUS
Date: Mon, 6 Nov 2000 11:24:19 -0600
References: <001701c04811$822858a0$1b2a2141@cfl.rr.com>


Re: virus alerts - please see http://datafellows-sun-1.digisle.net/virus-info/hoax/

In 2000 there appeared a hoax message about Perrin.exe file that acts as a trojan. It was reportedly spread with 'Upgrade Internet2' message. So far we don't have a single report of this executable. Thus we consider this message a hoax. The original hoax message looks like that:

PLEASE, SEND THIS INFORMATION TO EVERY PERSON IN YOUR ADDRESS
BOOK.
IF YOU RECEIVE AN E-MAIL THAT READS "UPGRADE INTERNET2", DO NOT
OPEN IT, AS IT CONTAINS AN EXECUTABLE NAMED "PERRIN.EXE."
IT WILL ERASE ALL THE DATA IN YOUR HARD DRIVE AND WILL STAY IN
MEMORY. EVERY TIME THAT YOU UPLOAD ANY DATA, IT WILL BE
AUTOMATICALLY ERASED AND YOU WILL NOT BE ABLE TO USE YOUR
COMPUTER AGAIN.
THIS INFORMATION WAS PUBLISHED YESTERDAY IN THE CNN WEB SITE.
THIS IS A VERY DANGEROUS VIRUS. TO THIS DATE, THERE IS NO KNOWN
ANTIVIRUS PROGRAM FOR THIS PARTICULAR VIRUS.
PLEASE, FORWARD THIS INFORMATION TO YOUR FRIENDS, SO THAT THEY
WILL BE ON THE ALERT.

Later there appeared an addition to this hoax that lists a number of executable files that can be dangerous. The list includes Happy99, Pretty Park worms and Sonic worm-backdoor filenames. Other names were not used to spread viruses, trojans, worms and backdoors so far. As the addition to the above hoax mentions real malware we can't put it on our hoax pages.

Please ignore this and alike hoaxes and don't pass them on.


----- Original Message -----
From: "Merle Farrington" <>
To: <>
Sent: Monday, November 06, 2000 10:49 AM
Subject: [LAORLEAN-L] Fw: Virus Info.-DOESN'T CONTAIN A VIRUS


>
> ----- Original Message -----
> From: "Bob Farrington" <>
>
>
> > > > > Subject: Virus Info.-DOESN'T CONTAIN A VIRUS
> > > Importance: High
>
> > >
> > > PLEASE, SEND THIS INFORMATION TO EVERY PERSON IN YOUR ADDRESS
> BOOK.
> > > IF
> > > YOU
> > > > > RECEIVE AN E-MAIL THAT READS "UPGRADE INTERNET" DO NOT OPEN
> IT, AS
> > > IT
> > > > > CONTAINS AN EXECUTABLE NAMED "PERRIN.EXE." IT WILL ERASE ALL
> THE
> > > DATA IN
> > > > > YOUR HARD DRIVE AND IT WILL STAY IN MEMORY. EVERY TIME THAT
> YOU
> > > UPLOAD
> > > > > ANY DATA, IT WILL BE AUTOMATICALLY ERASED AND YOU WILL NOT BE
> ABLE
> > > TO
> > > USE
> > > > > YOUR COMPUTER AGAIN. THIS INFORMATION WAS PUBLISHED YESTERDAY
> IN THE
> > > CNN
> > > > WEB
> > > > > SITE. THIS IS A VERY DANGEROUS VIRUS. TO THIS DATE, THERE IS
> NO
> > > KNOWN
> > > > > ANTIVIRUS PROGRAM FOR THIS PARTICULAR VIRUS. PLEASE, FORWARD
> THIS
> > > > > INFORMATION TO YOUR FRIENDS, SO THAT THEY WILL BE ON THE
> ALERT.
> > > > > ALSO CHECK THE LIST BELOW, SENT BY IBM, WITH THE NAMES OF
> SOME
> > > E-MAILS
> > > > > THAT, IF RECEIVED, SHOULD NOT BE OPENED AND MUST BE DELETED
> > > IMMEDIATELY,
> > > > > BECAUSE THEY CONTAIN ATTACHED VIRUSES. THIS WAY YOUR COMPUTER
> WILL
> > > BE
> > > > SAFE.
> > > > > THE TITLES ARE:
> > > > > > > 1) buddylst.exe
> > > > > > > 2) calcu18r.exe
> > > > > > > 3) deathpr.exe
> > > > > > > 4) einstein.exe
> > > > > > > 5) happ.exe
> > > > > > > 6) girls.exe
> > > > > > > 7) happy99.exe
> > > > > > > 8) japanese.exe
> > > > > > > 9) keypress.exe
> > > > > > > 10) kitty.exe
> > > > > > > 11) monday.exe
> > > > > > > 12) teletubb.exe
> > > > > > > 13) The Phantom Menace
> > > > > > > 14) prettypark.exe
> > > > > > > 15) UP-GRADE INTERNET2
> > > > > > > 16) perrin.exe
> > > > > > > 17) I love You
> > > > > > > 18) CELCOM Screen Saver or CELSAVER.EXE
> > > > > > > 19) Win a Holiday (e-mail)
> > > > > > > 20) JOIN THE CREW O PENPALS
> > > > > ONCE AGAIN, DO NOT OPEN THESE E-MAILS.
> >
>
>

This thread: