[Dshield] Possible virus
neilr at ieee.org
Thu Jun 20 17:51:23 GMT 2002
At 08:40 AM 6/20/2002, you wrote:
>Errhhh, who's sending vcf's
>This was caught by John's Sanitizer just now.............
>REPORT: Trapped poisoned executable "MercyMail at mindspring.com.vcf"
>REPORT: Not a document, or already poisoned by filename. Not scanned for
>STATUS: Message quarantined in /var/spool/mail/quarantine, not delivered to
>Headers from message:
> > From list-admin at dshield.org Thu Jun 20 17:35:55 2002
> > Return-Path: <list-admin at dshield.org>
The original message was from Mercymail at mindspring.com, with the
subject line of "[Dshield] Questions from list newbie".
My Norton A/V (2002, definitions current as of this moment) doesn't
report the file as infected, and it contains the following plaintext:
---------- Begin Cut 'n Paste ----------
N:;MercyMail at mindspring.com
FN:MercyMail at mindspring.com
EMAIL;PREF;INTERNET:MercyMail at mindspring.com
---------- End Cut 'n Paste ----------
My guess is that the file/message is not actually infected, but that
your A/V program got nervous (which isn't a bad idea) when it saw the
Supreme Lord High Commander and Keeper of the Holy Potato
Random thought for the day:
WindowError:01D Unable to figure out our own code.
More information about the list