[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [APML] Virus with APML subject recieved...SOLVED?!
Hello Guys...!
I'm very sorry, but I guess that I'm that someone from norway...!
The nextgentel. no is my ISP and BYTEHEAVEN is my computer name..!
I had no idea that this virus was going on. Neither did i have a antivirus
software installed.
But last night i installed norton, and suddenly got to know it.
It was the bugbear virus as well as a trojan called Hooker (!)
It was a real hazzle to get my system clean, but i made i with the help from
the link http://security.symantec.com
My system is now clean, so I hope I didnt infect anyone else...
Guess I must sharpen up on my computer security...!
I hope for no hard feelings...!
Best regards,
Joachim Plocinski
Astrophotography and (new) computer security enthusiast
----- Original Message -----
From: "Jeff Crilly" <jlcphoto@myrealbox.com>
To: "Discussion of Film Astrophotography" <astro-photo@seds.org>
Sent: Wednesday, July 02, 2003 5:06 AM
Subject: Re: [APML] Virus with APML subject recieved...
> Hmm...
>
> Another minor note that folks should maybe look out for...
>
> It seems this message possibly originated from someone on "nextgentel.com"
> in norway. The mail.broadpark.no seems legit. Dunno for sure, but
> possibly someone in norway is infected?
>
> Also, keep in mind that this virus sends using an SMTP client
> built into it.. ie. you wont see these messages in your "sent" folder
> if the virus sends it.
>
> (Also, fwiw, the headers note 17:10 UTC as the time this was sent.
> My event log says my computer was turned on at 11am local time,
> which is 18:00 UTC. I'm pretty sure my computer was when this
> was propagating.)
>
> An easy way to see if you are infected is to check if you have oddly
> named programs in your start menu.
>
> More info here including a link to a removal tool...
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.htm
l
>
>
>
> > Return-Path: <jlcphoto@wi.rr.com>
> > Received: from mtiwmhc14 ([127.0.0.1]) by mtiwmhc14.worldnet.att.net
> > (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with
ESMTP
> > id
<20030701171050.JIUL25972.mtiwmhc14.worldnet.att.net@mtiwmhc14>
> > for <astropix@worldnet.att.net>; Tue, 1 Jul 2003 17:10:50
+0000
> > Received: from mtiwmhc14.worldnet.att.net ([127.0.0.1])
> > by mtiwmhc14.worldnet.att.net
> > (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with
ESMTP
> > id
> >
<20030701170755.JAGN25972.mtiwmhc14.worldnet.att.net@mtiwmhc14.worldnet.att.
net>
> > for <astropix@worldnet.att.net>; Tue, 1 Jul 2003 17:07:55
+0000
> > Received: from mail.broadpark.no ([217.13.4.2])
> > by mtiwmhc14.worldnet.att.net (mtiwmhc14) with ESMTP
> > id <2003070117075411400q8g2fe>; Tue, 1 Jul 2003 17:07:54 +0000
> > Received: from byteheaven (68.80-202-100.nextgentel.com [80.202.100.68])
> > by mail.broadpark.no (Postfix) with SMTP
> > id 349EB786D8; Tue, 1 Jul 2003 19:07:47 +0200 (MEST)
> > From: "Jeff Crilly" <jlcphoto@wi.rr.com>
> > Subject: Re: [APML] Question re efficient use of film vs Quality
> > Message-Id: <20030701170747.349EB786D8@mail.broadpark.no>
> > Date: Tue, 1 Jul 2003 19:07:47 +0200 (MEST)
> > To: undisclosed-recipients:;
> > Mime-Version: 1.0
> > Content-Type: multipart/mixed;
>
> _______________________________________________
> Astro-Photo mailing list
> Astro-Photo@seds.org
> http://seds.org/mailman/listinfo/astro-photo
>
_______________________________________________
Astro-Photo mailing list
Astro-Photo@seds.org
http://seds.org/mailman/listinfo/astro-photo