Outlook virus via Hotmail while sleeping?

Zedric

NTFS Guru
Joined
12 Jan 2002
Messages
4,006
This morning I had this mail in my mailbox at Hotmail:

This message was created automatically by mail delivery software (Exim).

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

xxxxx@xxxxxxxxxxxxx.com
This message has been rejected because it has
a potentially executable attachment "application.pif"
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it.

------ This is a copy of the message, including all the headers. ------

Return-path: <masterzedric@hotmail.com>
Received: from toronto-hse-pppXXXXXXX.sympatico.ca ([xxx.xxx.xxx.xxx] helo=XP1800)
by server1.01domain.net with esmtp (Exim 3.36 #1)
id xxxxxxxxxxxxx
for xxxxx@xxxxxxxxxxxxx.com; Fri, 06 Jun 2003 20:51:20 -0600
From: <masterzedric@hotmail.com>
To: <xxxxx@xxxxxxxxxxxxx.com>
Subject: Re: Screensaver
Date: Fri, 6 Jun 2003 22:51:19 --0400
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="CSmtpMsgPart123X456_000_015B0B23"
Message-Id: <xxxxxxxxxxxxx@server1.01domain.net>

This is a multipart message in MIME format

--CSmtpMsgPart123X456_000_015B0B23
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Please see the attached file.
--CSmtpMsgPart123X456_000_015B0B23
Content-Type: application/octet-stream;
name="application.pif"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="application.pif

<--- Attachment code appears here --->

This looks to me like a bounced virus. There are a few problems though.
1. I never got an infected letter to forward.
2. At the time of sending I was very much asleep (3-4am here).
3. I don't use Outlook nor MSN Explorer.

This looks like someone sent the email from toronto-hse-pppXXXXXXX.sympatico.ca (censored) which looks like a dial-up account in Canada. The sender was spoofed to make it look like I sent it.

Any thoughts on this? Should I take any action?
 
How did this end up in Hardware???
I meant to post it in Networking.

Some mod please move it. :)
 
I got a similar one from myself?? Like I send an email to myself with a virus screensaver attached. It had a subject line "Here's the screensaver you requested"?:confused:
 
well theres a couple of online virus scans that i dare say you know of, trend micro and nortons, always worth a shot as theres a new virus broke out in the wild this week. it does look like your pc has been sending somthing, but all viri will spoof the senders by using part addys from your addy book. if none of it makes sence and virus scans say ok, i wouldnt worry too much about it.
 
So I suppose I'll ignore it and be happy I don't use Outlook then. :)
 

Members online

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back