On Mon, Jul 15, 2002 at 10:57:42AM -0500, Rich wrote: > > According to F-Secure Web site, this is a virus that exploits > > a flaw in Internet Explorer, and by extension mail readers > > that use it, such as Outlook. No surprise there! The only > > surprise to me is that 250k infected file which appeared > > in my c:/tmp. What kind of things does Mutt park there, > > and where could that big file have come from?? Surely Mutt > > would not have uncompressed anything without telling me...? > > There is a new variant of a virus called Frethem.K that sends a text > file and file called decrypt-password.exe. This virus exploits IE and > Outlooks function to be able to run the executable just when the message > is viewed. There should have been another attatchment with you mail. We > just started getting hit with it at my work this morning. You can check > out > http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_FRETHEM.K > to read more about it.
Maybe the 250k file in c:\tmp was the attachment? Does Mutt cache such things in the TMPDIR? Tom -- Dr. Thomas Baker [EMAIL PROTECTED] Institutszentrum Schloss Birlinghoven mobile +49-171-408-5784 Fraunhofer-Gesellschaft work +49-30-8109-9027 53754 Sankt Augustin, Germany fax +49-2241-144-1408
