ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = gswhong@seed.net.tw
Recipient(s) = cfp-outgoing@dept.english.upenn.edu
Subject = Re: Your password!
Scanning Time = 07/15/2002 19:22:52
Engine/Pattern = 6.150-1001/319
Action on virus found:
The attachment decrypt-password.exe contains WORM_FRETHEM.K virus. ScanMail has Moved it. The attachment was moved to C:\Program Files\Trend\Smex\Virus\decrypt-password3d33675c17d.exe_.
Warning to recipient. ScanMail has detected a virus.
If the disinfected virus is KLEZ then it is very likely that the identified SENDER address is incorrect. Please use the Message of the Day Archive link that follows for an explanation of how KLEZ spoofs the SENDER address:
http://www.uwsp.edu/it/news/modApr2902.htm
Also, this article does a good job of explaining how KLEZ works: Also this article does a good job of explaining: <http://antivirus.about.com/library/weekly/aa042502a.htm>
If in the "Action on virus found:" section states that the attachment was moved to "C:\Program Files\Trend\Smex\Virus", you do not need to worry as the virus was quarantined to the C: drive on the server, not your personal hard disk. If there is still an attachment in the original message, it is safe to open.
For up-to-date virus information: <http://www.uwsp.edu/it/exchange/VirusInformation-TrendMicro.htm>
This archive was generated by hypermail 2b29 : Wed Jul 31 2002 - 23:59:06 EDT