ATHEN PALADINS FORUMS (in remaking)

http://www.avertlabs.com/research/blog/ ... ave-virus/

(...) new threat commonly referred to as the “Here you have” virus due to the email subject line the worm uses during propagation. It looks like multiple variants may be spreading and may take some time to work through them all to paint a clearer picture. Here’s what we know thus far.

Infectious email messages may have the following properties:

• Subject: Here you have or Just For you
  Body:
  
  Hello:
  
  This is The Document I told you about,you can find it Here.
  http://www.sharedocuments.com/library/P ... 542010.pdf
  
  Please check it and reply as soon as possible.
  
  Cheers,
  
  or
  
  Hello:
  
  This is The Free Dowload Sex Movies,you can find it Here.
  http://www.sharemovies.com/library/SEX21.025542010.wmv
  
  Enjoy Your Time.
  
  Cheers,

The URL does not actually lead to a PDF document, but rather an executable in disguise, such as PDF_Document21_025542010_pdf.scr served from a different domain, such as members.multimania.co.uk this URL is no longer active and the email propagation vector is believed to be crippled at this time (though already infected hosts may continue to spread email messages).


More info at the URL posted at the top of this message.

Thx for the heads up Chris much appreciated