Re: Possible virus via httpd server

[Wei-min Lee <weimin.b.lee@xxxxxxxxx>]

https://translate.google.com/#auto/es/Dear%20reader%2C%0A%0AI%20am%20a%20project%20member%20at%20Apache%2C%20and%20I%20ask%20you%20to%20pay%20close%20attention.%20%20I%20want%20you%20to%20help%20you%20*stop*%20receiving%20emails%20from%20apache.org.%0A%0AI%20offered%20you%20help%20last%20month%2C%20you%20didn't%20follow%20up.%0A%0AI%20NEED%20you%20to%20FORWARD%20me%20one%20of%20these%20emails%20as%20an%20attachment.%20%20If%20I%20see%20the%20attachment%2C%20it%20will%20tell%20me%20how%20you%20are%20subscribed%20and%20where%20the%20email%20was%20directed.%20%20It%20was%20not%20directed%20to%20you%20and%20was%20not%20emailed%20to%20info%40idealgourmet.es%20because%20that%20email%20is%20not%20a%20subscriber.%0A%0AOtherwise%2C%20please%20tell%20me%20instead%20what%20email%20addresses%20forward%20to%20your%20info%20%40%20email%20account%3F%20%20I%20will%20hunt%20those%20down%20and%20remove%20them%20from%20the%20subscriber%20list.%0A%0ABut%20if%20you%20don't%20follow%20these%20instructions%20I%20simply%20cannot%20help%20you%20%3A(%20%20%0A%0AKindly%20yours%2C%0A%0AWilliam

On Wed, Jan 13, 2016 at 4:11 PM, William A Rowe Jr <wrowe@xxxxxxxxxxxxx> wrote:

Is there a kind soul fluent enough Spanish to write a note to this user and 

help them out of their perhaps-unsolicited subscription in their native tongue?

Two polite attempts to reach them have failed completely, so I'm simply 

going to filter this sender to /dev/null, sigh.

Speaking of Spanish, there is an offer for new translations of httpd that

we would love proof-reading help with, if you are interested.  Please join

up with docs@xxxxxxxxxxxxxxxx if you would like to help review translated

docs pages!

Cheers,

Bill

---------- Forwarded message ----------
From: William A Rowe Jr <wrowe@xxxxxxxxxxxxx>
Date: Wed, Jan 6, 2016 at 4:39 PM
Subject: Re: Possible virus via httpd server
To: IdealGourmet <info@xxxxxxxxxxxxxxx>

Dear reader,

I am a project member at Apache, and I ask you to pay close attention.  I want you to help you *stop* receiving emails from apache.org.

I offered you help last month, you didn't follow up.

I NEED you to FORWARD me one of these emails *as an attachment*.  If I see the attachment, it will tell me *how* you are subscribed and *where* the email was directed.  It was not directed to you and was not emailed to info@xxxxxxxxxxxxxxx because that email is not a subscriber.

Otherwise, please tell me instead what email addresses forward to your info@ email account?  I will hunt those down and remove them from the subscriber list.

But if you don't follow these instructions I simply cannot help you :(  

If it would help, I can pass this on to a speaker of Espanol for easier communications?

Kindly yours,

Bill

On Mon, Jan 4, 2016 at 2:44 PM, IdealGourmet <info@xxxxxxxxxxxxxxx> wrote:

Stop to send emails in this adress!!!!!!!!!!!!!!!! You make an
error!!!!!!!!!!!!!!!

-----Mensaje original-----
De: Michael D. Berger [mailto:m.d.berger@xxxxxxxx]
Enviado el: lundi 4 janvier 2016 21:42
Para: users@xxxxxxxxxxxxxxxx; frazier377@xxxxxxxxxxxxx
Asunto: RE: Possible virus via httpd server

I tried the submission you suggest.  It said it is an executable file,
suitable for my Linux box.  I don't think I am about to run it.  Note that
my ESET NOD32 virus software finds nothing wrong with it.

Thanks,
Mike.
--
Michael D. Berger
m.d.berger@xxxxxxxx
http://www.rosemike.net/


> -----Original Message-----
> From: Kent Frazier [mailto:frazier377@xxxxxxxxxxxxx]
> Sent: Monday, January 04, 2016 13:57
> To: users@xxxxxxxxxxxxxxxx
> Subject: Re: Possible virus via httpd server
>
>
> You might try submitting the file at
> https://www.virustotal.com and see what it detects.
>
> On 1/4/16 8:18 AM, Michael D. Berger wrote:
> > Examining with Lemmy (A Windows version of VI), it looks
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take
> > several days work to recover from that.
> >
> > Mike.
> > --
> > Michael D. Berger
> > m.d.berger@xxxxxxxx
> > http://www.rosemike.net/
> >
> >
> >> -----Original Message-----
> >> From: Daniel Beardsmore [mailto:daniel@xxxxxxxxxxxxxxxxxxx]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@xxxxxxxxxxxxxxxx
> >> Subject: RE: Possible virus via httpd server
> >>
> >> Well, what do you see if you examine the file in a text editor?
> >>
> >>> -----Original Message-----
> >>> From: Michael D. Berger [mailto:m.d.berger@xxxxxxxx]
> >>> Sent: 04 January 2016 05:03
> >>> To: Apache-Users
> >>> Subject: Possible virus via httpd server
> >>>
> >>> Using my WinXP Firefox client to access my previously
> working httpd
> >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my
> >>> index.html .  Do you think I have a virus on my Linux box?  I did
> >>> notice that my iptables is not as tight as it should be.
> >>>
> >>> --
> >>> Michael D. Berger
> >>> m.d.berger@xxxxxxxx
> >>> http://www.rosemike.net/
> >>>
> >>>
> >>>
> >>>
> >>
> ---------------------------------------------------------------------
> >>
> >>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

--

~Wei-min Lee~