We are in Australia and were expecting a delivery from UPS. Yesterday, 10 Nov 2010 I received a delivery failure email via yahoo with an attachment. At the time the Norton checker in Yahoo did not detect anything.
Also our mcafee security centre version 10.5 with build 10.5.216. This has virus scan version 14.5 with the latest DAT file did not detect anything.
This is the email text: DHL Delivery Problem No97656
From: DHL Express Services <firstname.lastname@example.org>
The attachment is: DHL_mailing_label_id.N62410.zip
So thinking it was safe I detached the file and double click it. It created a folder with nothing in it and it hit me that it may be a fake email.
I full scanned again and security centre did not find anything. Today it updated the dat file and again I did a full scan I did not find anything. I am using Windoes Vista with all the recent patches. I don't know what damage double clicking this file did.
Did someone experience the same issue with McAfee security centre? Did I just loaded a virus, if so then can anyone help with removing this since Mcafee still did not detect anything.
I saved the email and when I go to yahoo and tried to download the same file again today, it has detected that this is a virus via Norton virus checker. It did not say which virus it is though.
Thanks for your feedback Ex_Brit. At the time the email looks legitimate and both Norton (in yahoo) and McAfee did not see the attachment as a problem. So I executed the zip file. I'm not sure what the infection or the damage this is causing. So far I could not tell any isssues on the computer.
Do you have any advice on the next steps? To either determine if there is an issue or how to remove the offending corruptions? Should I remove McAfee for another Virus scanner?
What was in the zip? If nothing appeared to happen then it was suspicious. As I said, legititmate email rejection notices do NOT arrive as zip attachments, they spell out the rejected message in the text.
I recommend you scan for malware with the free version of THIS tool, update it before running.
I downloaded the malwarebytes scanner as you suggested and ran it. It did not find any infections, I guess this is good news. This will teach me not to open those attachments.
Do you think I need to do more here, like use another malware scanner?
Thank you for your advice and suggestions Ex_Brit.
No Luke, I don't think that is necessary. But Peter, the interesting part is even I received a similar kind of email from dhl website but it was stripped by my McAfee [Enterprise Edition] and even I'm expecting a international delivery through courier...
I guess there may be some suspicious codes in the mails that’s been send out from dhl website