My company's email server just yanked a virus out of an email
directed to me. From the headers it appears to be coming from
a user id of "vinttr4", possibly vinttr4@geneseo.net. The virus
is actually a trojan or worm, so this person probably does not
know he/she is infected. If you're out there, please disconnect
your computer from the internet until you clobber this virus.
Folks, don't jump all over this person, as they are most likely
just another victim. It's a worm. That's how they work. Do scan
your own machines for this bugger. Never, EVER run a .exe you get
in email, even from somebody you know.
Simon
Virus info below:
>Received: from ns3.geneseo.net (localhost [127.0.0.1]) by mondes.com
>(8.9.1b+Sun/8.7.3) with ESMTP id
> OAA17208 for <simon@mondes.com>; Mon, 11 Dec 2000 14:57:53 -0800 (PST)
>Received: from vinttr4 ([216.175.31.164]) by ns3.geneseo.net (8.9.3/8.9.3)
>with SMTP id QAA34734 for
> <simon@mondes.com>; Mon, 11 Dec 2000 16:57:40 -0600 (CST)
>Date: Mon, 11 Dec 2000 16:57:40 -0600 (CST)
>Message-ID: <200012112257.QAA34734@ns3.geneseo.net>
>From: Hahaha <hahaha@sexyfun.net>
>Subject: Snowhite and the Seven Dwarfs - The REAL story!
>MIME-Version: 1.0
>Content-Type: multipart/mixed; boundary="--VE09QZKTU7WPMRCL2ZKH238XUBSTEZ"
>Content-Length: 1001
>Status:
>X-Mozilla-Status: 8001
>X-Mozilla-Status2: 00000000
>X-UIDL: 3946042900001b8d
>
>
>------------------ Virus Warning Message (on paloalto)
>
>Found virus TROJ_HYBRIS.B in file dwarf4you.exe
>The file dwarf4you.exe is moved to /var/iscan/virus/virUECDVaaPy.
|