Woohooo, i got it this morning in the email :D Does anyone recognize this email address? I am guessing its someone that has me in their address book. :unhappy:


Return-path: <HEXADWEB@terra.es>
Envelope-to: marc@mchost.com
Delivery-date: Thu, 26 Jul 2001 09:45:24 -0700
Received: from mailhost.teleline.es ([195.235.113.141] helo=tsmtp8.mail.isp)
by atlantis.mchost.com with esmtp (Exim 3.22 #1)
id 15PoGJ-0002D7-00
for marc@mchost.com; Thu, 26 Jul 2001 09:45:23 -0700
Received: from ADSL ([213.98.172.40]) by tsmtp8.mail.isp
(Netscape Messaging Server 4.15 tsmtp8 Jun 21 2001 23:53:48)
with SMTP id GH3AGW00.P7Y for <marc@mchost.com>; Thu, 26 Jul
2001 18:43:44 +0200
From: "Hexad & Beep"<HEXADWEB@terra.es>
To: marc@mchost.com
Subject: prova
date: Thu, 26 Jul 2001 18:50:01 -0500
MIME-Version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
Content-Type: multipart/mixed; boundary="----31B6AAA3_Outlook_Express_message_boundary"
Content-Disposition: Multipart message
Message-Id: <E15PoGJ-0002D7-00@atlantis.mchost.com>

Hi Marc,

From what I've heard, the virus also scans the temp Internet folder for email addresses in the files there... Same thing happened to me and I fired off an email to inform them about the virus as well as asking why they had my email address when I'd never heard of them..

In a word "Doh!"

SirCAM does indeed act in a very advanced fashion.

The email address in the header above is of spanish origin and is most likely the effect of someone who has used either a website that contains your email addy (and the files are still in cache on their system) or a mailing list archive etc.

I've received 16 emails today, all infected with the same virus, of which 15 came from the same source. The header for that particular user was actually quite perplexing, as it originates from a server at leeds.ac.uk and yet is routed through a server in mexico (.mx) very strange! The other one came from an estate agents in Leeds, whom I telephoned and informed.

This particular virus, from what I've learnt from McAfee's virus information library;
http://vil.mcafee.com/dispVirus.asp?virus_k=99141&
gives the impression that although the virus is non destructive, it is still dangerous in the way it operates.

One additional piece of information about it though, is that the Subject line of the email will almost certainly be the filename of the appended file.

Unlike many other viruses though you should be able to hit reply and the reply does go back to the person who you received it from.

Best of luck!

I got 3000 emails from vidotron.ca with this virus! Today I got over 500! I am going nuts. I am using my university email and there is no filtering option.

And even if you report it to abuse@videotron.ca they won't care. A national newspaper here wrote an article about them being the hacker's paradise. They don't mind their users scanning eveyone's ports...why would they mind if they send viruses :rolleyes: Sad but true.:angry:

I called them up and they said they have no idea who is in charge of their servers!!!

Originally posted by Ericd
And even if you report it to abuse@videotron.ca they won't care. A national newspaper here wrote an article about them being the hacker's paradise. They don't mind their users scanning eveyone's ports...why would they mind if they send viruses :rolleyes: Sad but true.:angry:

Might be a good host for unlimited ( :rolleyes: ) bandwidth ...since they don't care :D

Originally posted by kickster
I called them up and they said they have no idea who is in charge of their servers!!!

LOLOLOL! i think i want an account there! :D