I had an Email returned undeliverable but it had a more than 600Kb attachment called Cartoons.pps on it that I didn't send. I have been told that it is a hoax. Is this true and how can I stop it or is it a real virus and how do I get rid of it? My AV can't find anything and I can't see anything obvious on HijackThis. My AV is Sophos and it has all the up to date ide files. Thanks again for any help. Sourdust

What e-mail client? IF it's one of the *cough* MS *cough* clients you might try scanning with the latest version of AVG free. Hope this helps. TJ

I have had a couple of those recently - sent via friends computer that had been hijacked by a trojan. It pretended to come from Microsoft but had his e-mail address in the return path. You can tell a lot by looking at the complete header if you E-mail client allows you to do it. I would delete it along with any other E-mails you get with unexpeted attachments. Stuart

Hi It is most likely to be a hoax as a virus. Sophos would have deleted it had it found a match. (you have the latest ide files) It could be harmless, but I would delete it just incase something harmful has been done to the .pps. Has the mail bounced from a valid email address? A person or new type of agent in an infected system has sent this attachment to you. Mail server programs do not add attachments to returned mail. (That's to say I haven't heard of any that do that) If... if the .pps was malicious in nature, I expect only full time Anti-virial software would have prevented any changes it would make to your system.

Thanks people. I have tried sending emails between different accounts I have and it seems to be ok. Sophos, Spybot and HijackThis can't find anything. I have Emailed all my contacts to warn them just in case and I deleted the suspect Email as soon as I saw it. It is a MS (cough spit) client TJ. Why would AVG find something that Sophos couldn't? Thanks again Sourdust

Are you set to show file extensions? If not do so. There is always a danger that a harmless looking .pps file (powerpoint presentation) is really a file named "xxxx.pps" with a hidden harmful extension such as .pic Anything said to be returned that you didn't send should be immediately binned. Do the same with anything appearing to have a double extension. Derek

your address was spoofed in the bad email. That means a virus or trojan plugged your email address as sender in a email. You are probably very innocent. Anybody who has your email addy in their address book could have a virus/trojan & could have sent this without their knowledge.