>From the support list for the virus software I use: These do look very suspicious. It appears as though they are malformed viruses -- specifically, the m e s s a g e . z i p file contains a file message.htm. The message.htm file appears to start with MIME headers, followed by a file "foo.exe" that appears to connect to the Internet, and HTML JavaScript code that includes a function "malware()". Although we can't confirm that it is a virus, it would appear that it is almost certainly either a virus or some other type of malware. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com > -----Original Message----- > From: Mike Dufoe [mailto:dufoem@xxxxxxxxxxx] > Sent: Friday, August 01, 2003 10:55 AM > To: [ExchangeList] > Subject: [exchangelist] RE: OT URGENT: Possible virus attach in zip attachments. > > http://www.MSExchange.org/ > > John, do you have anymore info than this? > > > > -----Original Message----- > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] > Sent: Friday, August 01, 2003 1:43 PM > To: [ExchangeList] > Subject: [exchangelist] OT URGENT: Possible virus attach in zip attachments. > Importance: High > > http://www.MSExchange.org/ > > WARNING, there is a rapidly spreading possible maleware virus spreading. > > The subject line is y o u r a c c o u n t without the spaces. > The attachment is m e s s a g e . z I p without the spaces. > > This is real. I have already caught many of these in the last ½ hour. > > > John Tolmachoff MCSE CSSA > Engineer/Consultant > eServices For You > www.eservicesforyou.com > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSExchange.org Discussion List as: > dufoem@xxxxxxxxxxx > To unsubscribe send a blank email to leave-exchangelist- > 1440469J@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSExchange.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe send a blank email to leave-exchangelist- > 1440469J@xxxxxxxxxxxxx