Looks like a standard W32/Bagle virus msg. These must just be a new varient that hadn't made it into the AV defs fast enough to be blocked. -Russell Cheryl A Akers wrote: > One of my faculty got this too. I asked him to send me the full > headers, as > it is obviously bogus and includes a zipped attachment that contains who > knows what. In the mean time, I've notified my users to not open the > attachment. > Cheryl Akers > Microbiology and Molecular Genetics > > Laurence Bates writes: > >> Anybody else seen this... >> >> >> _____ >> >> From: Matthew J. Koehler [mailto:[log in to unmask]] >> Sent: Wednesday, February 16, 2005 5:23 PM >> To: Laurence A Bates >> Subject: Looks a fool-ware attempt ... >> >> >> >> Lawrence, it looks someone is spoofing mail from computer support again. >> Thought you might want to be aware and warn less savvy users. >> >> Attached is the message I received. (I like the bad grammar in the >> instructions telling me to run the .bat file :) >> >> Dr. Matthew J. Koehler >> 509 Erickson Hall >> Learning Technology and Culture >> Michigan State University >> East Lansing, MI 48824 >> 517.353.7211 >> >> >> Begin forwarded message: >> >> >> >> From: "Mail Administrator" <[log in to unmask]> >> Date: February 16, 2005 5:16:55 PM EST >> To: [log in to unmask] >> Subject: Returned mail: Data format error >> >> Dear user [log in to unmask], >> >> We have received reports that your e-mail account was used to send a huge >> amount of spam messages during this week. >> Obviously, your computer had been compromised and now runs a trojan proxy >> server. >> >> Please follow the instruction in order to keep your computer safe. >> >> Have a nice day, >> msu.edu technical support team. >> >> >> > >