[ jEdit-users ] Re: Virus warning

[Kris K. <kr...@ma...>]

Or more importantly, don't use insecure email clients. If you really 
have to use Windows, there is a plethora of other mail clients 
available that are secure.

Kris

>Hey folks-
>
>Yesterday, I received a message containing a virus. I didn't examine the
>binary payload, but the message style was sort of like W32.BadTrans.B@MM
>("empty" body with just an IFRAME that embeds the attachment to try to
>get Outlook to execute it). It was also different in the following ways:
>
>1. long gibberish Subject instead of "Re:":
>
> 
>	=F3=FB^A^P\234^Oplankeykeydesktopthumbs=CD=F8=D6=B7keykey=D1=F9=C6=B7=D1=
=F9=C6=B7=CD=F8=D6=B7thumbsthumbsadressadress=CD=F8=D6=B7adressdesktop=CD=F8=
=D6=B7adress=CD=F8=D6=B7desktop=CD=F8=D6=B7=CD=F8=D6=B7=D1=F9=C6=B7desktopth=
umbsthumbsadress=D1=F9=C6=B7=D1=F9=C6=B7desktop=CD=F8=D6=B7desktop=D1=F9=C6=
=B7thumbs=CD=F8=D6=B7planthumbs
>
>2. "Slava Pestov <sl...@je...>" as the "From:" header(!). Normally,
>W32.BadTrans.B@MM sends itself out with a fake From address or the From
>address from the local SMTP settings. This either means that somebody
>beside Slava had "Slava Pestov <sl...@je...>" as their From address
>in their SMTP settings or that this is a new virus or variant.
>
>Watch out.