RE: [DQSD-Users] how do I access document properties

[Krohne Gregory Contr AFRC/SCOS]

Title: Message

Kim Gräsman said there was a virus in one of my messages to this list yesterday. Turns out, the headers say it couldn't have come from me (it originated from a ComCast domain). I reported the originating IP address to ComCast as abuse. Looks like a virus is spoofing our "From" addresses and mailing to the list. The virus below may not have been from Monty. So, everybody update your virus definitions and rescan everything. Also, you might want to check the following registries entry manually. This new crop of virii (or, is it viruses?) try to kill your virus scanner process as a first step. Even if you are up to date, the virus might catch the scanner before the scanner catches the virus.   Keys:     HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Suspicious values:     "ssate.exe"="%System%\winsys.exe"     "Zone Labs Client Ex"="%windir%\svchost.exe -antivirus service"     "srate.exe"="%System%\irun4.exe"     "Service Host Driver"="%Windir%\svchost.exe"     "<random lowercase letters>" = "%System%\<the filename of the worm>"     "rate.exe"="%System%\i11r54n4.exe"     "ICQ Net" = "%Windir%\winlogon.exe -stealth"   From http://securityresponse.symantec.com/avcenter/vinfodb.html#threat_list   Regards, Gregory Krohne   -----Original Message----- From: Brian [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 17, 2004 10:40 PM To: [EMAIL PROTECTED] Subject: RE: [DQSD-Users] how do I access document properties Monty...       Your messages have the [EMAIL PROTECTED] virus attached to them.