** Digital Postcard Email Virus **


Derek
11-04-2004, 08:39 AM
Just thought i'd share this info ... since i've just been stuffed with this ******* thing!!!!!!!

Email subject: You have new postcard! id=eOxBTiUTud

There's an email going around claiming you have a digital postcard from 'honey' [in my case, other names are prob used too] and it's waiting at POSTCARDS.COM
A link is supplied: http://postcards.com/cgi-bin/LinkSQL/postcards.cgi?Do=pickup&PickUpCode=##########
[#### = a bunch of letters as the code] - which takes you to //221.2.162.20:6180/006/

Here is where the fun starts - so far it has added two extra bars to IE with a bunch of crap on, changed my home page to the URL that gave me all this shi* to start with, added it as a trusted site [and some others too], installed a bunch of program exe files that all seem to wanna start when booting up, removed my active desktop and put some other piece of junk up .. and now i'm off to find what else it has done.

I planned on spending the next two hours before i need to go out to get some stuff done. Now i gotta **** about with this and try to undo what it's done. I feel like a format C: is on the cards just so i know i got it all!!!

I'm not impressed!!!

TJ_Tigger
11-04-2004, 08:45 AM
OUCH!!

Don't you just want to introduce the person who wrote that code's face to a baseball bat. Not that I am a violent person or condone violence but that is just wrong what they do.

Anyways. I have had similar problems. I use AdAware, SpyBot S&D and HiJackThis.exe to remove the problems. HiJackThis has been very handy to figure out what all they changed. Just be careful because you have to select what to remove. There are a lot of forums that will help with what to remove.

Good luck
Tigg
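
An added example, not part of the posts above and not code from HijackThis itself: a small Python triage of a HijackThis log that groups entries by the kinds of change described in the first post (home page, browser add-ons, toolbars, startup programs, trusted sites) and sets aside entries the user recognises. The sample log, file names, CLSIDs and the `known_good` parameter are constructed for illustration.

```python
import re

# HijackThis section codes that correspond to the changes described in the
# first post of this thread.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "startup program", "O15": "Trusted Zone site",
}
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Constructed sample log (not from the thread); names, CLSIDs and hosts are made up.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.example.invalid/006/
O2 - BHO: (no name) - {00000000-1111-2222-3333-444444444444} - C:\WINDOWS\System32\xbar.dll
O3 - Toolbar: SearchBar - {00000000-1111-2222-3333-555555555555} - C:\WINDOWS\System32\xbar.dll
O4 - HKLM\..\Run: [winupd] C:\WINDOWS\winupd.exe
O4 - HKLM\..\Run: [NAV Agent] C:\Program Files\AV\navapw32.exe
O15 - Trusted Zone: *.start.example.invalid
O16 - DPF: {00000000-1111-2222-3333-666666666666} - http://start.example.invalid/x.cab
"""

def triage(log_text, known_good=()):
    """Group HijackThis entries by the kind of change they represent.

    Entries containing any `known_good` substring (case-insensitive) are
    listed under 'known good' so they are not removed by mistake.
    """
    report = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m or m.group(1) not in SECTIONS:
            continue  # header lines and sections outside this example's scope
        code, detail = m.groups()
        if any(k.lower() in detail.lower() for k in known_good):
            label = "known good"
        else:
            label = SECTIONS[code]
        report.setdefault(label, []).append(detail)
    return report

if __name__ == "__main__":
    for label, items in triage(SAMPLE_LOG, known_good=["navapw32.exe"]).items():
        print(label)
        for item in items:
            print("   ", item)
```

Anything left outside "known good" still needs a human decision before it is ticked for removal.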

Corey
11-04-2004, 09:16 AM
You mean Honey isn't real? Sob. Really? Sniffle, I've been cherishing this link all weekend. Nurturing it, culturing it. I was going to get dressed up in my blue suit tonight after dinner, put on some cologne and hair brill, and go open the card over a glass of sherry and some Johnny Mathis... I was so looking forward to it and now it turns out she's nothing but a fake? Sob! Oh the horror! [runs away]

Corey Milner
Creative Director, Indigo Rose Software (http://www.indigorose.com)

longedge
11-04-2004, 03:25 PM
There but for the grace of god... I had an email that nearly caught me out recently. Claimed to be a security alert from my credit card company warning me of an attempt to re-charge my account at a jewellery shop in Italy. Fortunately I only download headers and delete 80% immediately from the server without ever downloading the body but this one almost slipped in.

I have an SPIFirewall built into my router, AntiVirus, Spybot, Ad-Aware and Trojan Remover etc. but at the end of the day they're all no good if you get tricked by a cleverly worded email.

Up to now, I'm lucky but almost every day at work I get people coming to me asking for advice on recovering from this sort of thing - it's not funny when it happens to you. The penalties for the culprits should be absolutely swingeing. They have ruined the 'Internet Experience' for millions of people.

Worm
11-04-2004, 03:48 PM
All I can say Derek, is been there, done that. It sucks too, cause this kind of thing isn't supposed to happen to us. We're supposed to be the "Techie" guys/gals.

Anyhow, I posted this link a while ago, and I can't say enough good things about this utility, BHO Demon. It'll help you clean your machine up, and it's FREE.

http://www.indigorose.com/forums/showthread.php?t=8928&highlight=BHO+Demon

gbrown
11-05-2004, 10:24 AM
*sigh* I'm just about ready to buy a new hard drive for my sweetie's computer and do a clean install. Then, copy over all her important stuff. It's easier than trying to kill a nasty that I've already spent HOURS on. It's one of those self-restoring beasts that NOTHING seems to get rid of.

Adam
11-05-2004, 11:16 AM
Yeah I do some computer fixin for friends and family and I almost always reinstall the OS rather than try to fight one of these nasty viruses. I ran across one lately that was super resilient. I would remove all traces of the files and so on and every time the computer rebooted it would come back.

It's too bad that the creators of these viruses don't use their powers for good because some of them are obviously very smart people.

My 2 cents

Adam Kapilik

Corey
11-05-2004, 12:04 PM
I had a battle with some stuff last week and had to re-install Windows too. It was also resilient. Win Comm and WinLock. I had to go into safe mode to eliminate the individual components, etc. A real pain, but don't look for anyone in this industry to do anything about it anytime soon, it doesn't fit into any profit plan.

In my case I am 100% sure of the source too, it came through IE from a web site, and it went right through Zone Alarm and Norton Anti-virus, plopped an .exe on my hard drive and ran it. All without a single alert! I have since cranked up my web security, no problems now.

BTW the site which did it was a song lyrics site, those things are getting crazy bad and are good to avoid. I had almost the same thing happen a month or so ago too on a PHP script archive site. It's crazy because I think in that case the site owner didn't even know, it came in through one of their pop-up ad windows...

I'm still heartbroken over this link, Honey and I would have made a sweet couple. Sweeeeet I tell you!

Derek
11-05-2004, 09:36 PM
LOL. I thought [in this case] honey was someone i know. Her email address is honeybunny***@*** - so i just guessed it was her. WRONG guess.
Anyway, i'll pack her up and send her over to you anyway, Corey. I think you'd make a sweeeeet couple ;)
----

The web page i referred to originally on this was a php site.
The worst thing about this is, at one time, we could be pretty sure that any virus making its way around the world was thru email. There didn't seem to be such a thing as web pages that could just zap your computer as you browsed. That was not so long ago. Now of course time has moved on a few months and here we have it! Can't even browse safely now. I see the greatest form of communication being thwarted by malicious code and all the @$$holes that write it.
Is there never an end to it? What's next? Answering your mobile phone and a virus embeds itself in your ear!! Perhaps Ebola may one day make use of the wireless phone network [perish the thought]. :eek:

Corey
11-05-2004, 09:55 PM
Hee. Honeybunny, eh? Good ol' Derek, working the room like Roger Moore on a full moon... :)

Yes I agree with you Derek, idiots are ruining this thing. Millions of great people and a handful of stupid idiots, and the whole thing is ruined. It's such a shame. Destructive cowards. It's one thing to be a technical genius who loves taking apart systems in an effort to help make them better. But this is something else. It's also one thing to confront people you have a beef with, face to face, but again this is something other than that. Cowardice really.

I bought a router today, hopefully it'll help. Right now I have everything above 135 completely locked out but I plan to tighten it up more as I go along. The funny thing about my situation is that Zone Alarm and Norton allowed the virus to install and run first *and then* alerted me on it. Gee thanks guys. :)