[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: Re. Virus transmitted from LOUISVILLE.STORTEK.COM
Thanks to David, I now know that it's not coming from me. You never can tell if
the corporate goons have all the right protections in place. I would suggest
just ignoring e-mails from me ;-)
I'll never send binary executable's through e-mail. Perl maybe...
Cheers,
Rob
When grilled further on (Fri, 26 Mar 2004 15:58:15 +0100),
David Troyer <dst@uni-muenster.de> confessed:
>
> Hi Rob,
>
> Just been reading your email to Oscar.
>
> Below is a copy of a message I sent to you today at
> creagrs@louisville.stortek.com, correctly or incorrectly. It contains the
> header of the mail in question, but I've deleted the insidious executable
> in the meantime. Both Norton and the virus detection at our university
> computing center found the W32.Beagle.gen virus in it, so Oscar was right
> in warning the tass members.
>
> Best,
>
> David
>
>
>
>
> ------- Forwarded message -------
> From: David Troyer <dst@uni-muenster.de>
> To: Robert Creager <creagrs@louisville.stortek.com>
> Subject: Re. Virus transmitted from LOUISVILLE.STORTEK.COM
> Date: Fri, 26 Mar 2004 14:04:20 +0100
>
> >
> > Robert,
> >
> > I received an email via tass from CreagRS@LOUISVILLE.STORTEK.COM with no
> > subject and no text, but with an executable file named lhmkkkeud.exe (9
> > KB) containing the W32.Beagle.gen virus.
> >
> > Since the bogus email is ostensibly from you at Storetek, you may want
> > to try to trace its origin, so here is the original header, for what
> > it's worth:
> >
> > ---- Begin of header ----
> >
> > Return-Path: <owner-tass@listserv.wwa.com>
> > Received: from zivlnx07.uni-muenster.de (ZIVLNX07.UNI-MUENSTER.DE
> > [128.176.188.154]) by batch16.uni-muenster.de (Postfix) with ESMTP id
> > CCBF99024 for <dst@uni-muenster.de>; Fri, 26 Mar 2004 12:58:36 +0100
> > (MEZ)
> > Received: from localhost (unknown [127.0.0.1]) by
> > zivlnx07.uni-muenster.de (Postfix) with ESMTP id 65CDF36786 for
> > <dst@uni-muenster.de>; Fri, 26 Mar 2004 12:58:37 +0100 (CET)
> > Received: from zivlnx07.uni-muenster.de ([127.0.0.1]) by localhost
> > (zivlnx07 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17888-07
> > for <dst@uni-muenster.de>; Fri, 26 Mar 2004 12:58:36 +0100 (CET)
> > Received: from dfw-listserv1.email.verio.net
> > (dfw-listserv1-ext.email.verio.net [129.250.36.34]) by
> > zivlnx07.uni-muenster.de (Postfix) with ESMTP id A1DAB36784 for
> > <dst@uni-muenster.de>; Fri, 26 Mar 2004 12:58:36 +0100 (CET)
> > Received: from majordom by dfw-listserv1.email.verio.net with local id
> > 1B6pxx-0000Cn-TO for tass-wwa.com-outgoing@majordomo.veriomail.com; Fri,
> > 26 Mar 2004 11:57:37 +0000
> > Received: from [129.250.36.58] (helo=dfw-smtpin6.email.verio.net) by
> > dfw-listserv1.email.verio.net with esmtp id 1B6pxu-0000CL-Jw for
> > tass@listserv.wwa.com; Fri, 26 Mar 2004 11:57:34 +0000
> > Received: from [195.80.104.154] (helo=REET) by
> > dfw-smtpin6.email.verio.net with smtp id 1B6pxt-0004uE-R3 for
> > tass@listserv.wwa.com; Fri, 26 Mar 2004 11:57:34 +0000
> > Date: Fri, 26 Mar 2004 13:59:06 +0200
> > To: tass@listserv.wwa.com
> > Subject:
> > From: CreagRS@LOUISVILLE.STORTEK.COM
> > Message-ID: <ujextsdholmkqxgowcf@LOUISVILLE.STORTEK.COM>
> > MIME-Version: 1.0
> > Content-Type: multipart/mixed; boundary="--------136717821210061"
> > Sender: owner-tass@listserv.wwa.com
> > Precedence: bulk
> > X-Virus-Scanned: by amavisd-new at uni-muenster.de
> > Status:
> >
> > ---- End of header ----
> >
> > Otherwise, just delete this message!
> >
> > Best,
> > David
> >
> >
> > David Troyer
> > dst@uni-muenster.de
> > Inst. for Arteriosclerosis Research
> > University of Münster
> >
> >
> >
> > ---------------------------
> >
> > On Fri, 26 Mar 2004 13:59:06 +0200, <CreagRS@LOUISVILLE.STORTEK.COM>
> > wrote:
> >
> >>
>
>
>
--
08:12:25 up 9:55, 1 user, load average: 4.05, 4.53, 4.42
Linux 2.4.21-0.14 #67 SMP Wed Mar 24 19:04:06 MST 2004
PGP signature