[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [APML] Virus with APML subject recieved...SOLVED?!

To: "Discussion of Film Astrophotography" <astro-photo@seds.org>
Subject: Re: [APML] Virus with APML subject recieved...SOLVED?!
From: "westergren" <westergren@netzero.net>
Date: Wed, 2 Jul 2003 13:01:10 -0700
List-Archive: <http://seds.org/mailman/private/astro-photo>
List-Help: <mailto:astro-photo-request@seds.org?subject=help>
List-Id: Discussion of Film Astrophotography <astro-photo.seds.org>
List-Post: <mailto:astro-photo@seds.org>
List-Subscribe: <http://seds.org/mailman/listinfo/astro-photo>,<mailto:astro-photo-request@seds.org?subject=subscribe>
List-Unsubscribe: <http://seds.org/mailman/listinfo/astro-photo>,<mailto:astro-photo-request@seds.org?subject=unsubscribe>
References: <200307011729.h61HTvhw028030@seds.lpl.arizona.edu><02b201c34046$fdd35600$9702220a@PORTAJEFF><002c01c340d0$b8ab86d0$0200000a@byteheaven>
Reply-To: Discussion of Film Astrophotography <astro-photo@seds.org>
Sender: astro-photo-bounces@seds.org

Joachim,

Thanks for your note.  I'm really glad you got your system cleaned up.  It
helps us all by stopping this kind of virus from spreading.  You may not be
the only one from APML who had their computer infected, so it is important
that we all use antivirus software and keep it up to date.

Safe E-Mail
Don

> Hello Guys...!
>
> I'm very sorry, but I guess that I'm that someone from norway...!
> The nextgentel. no is my ISP and BYTEHEAVEN is my computer name..!
> I had no idea that this virus was going on. Neither did i have a antivirus
> software installed.
> But last night i installed norton, and suddenly got to know it.
> It was the bugbear virus as well as a trojan called Hooker (!)
> It was a real hazzle to get my system clean, but i made i with the help
from
> the link http://security.symantec.com
> My system is now clean, so I hope I didnt infect anyone else...
> Guess I must sharpen up on my computer security...!
>
> I hope for no hard feelings...!
>
> Best regards,
> Joachim Plocinski
> Astrophotography and (new) computer security enthusiast
>
> ----- Original Message -----
> From: "Jeff Crilly" <jlcphoto@myrealbox.com>
> To: "Discussion of Film Astrophotography" <astro-photo@seds.org>
> Sent: Wednesday, July 02, 2003 5:06 AM
> Subject: Re: [APML] Virus with APML subject recieved...
>
>
> > Hmm...
> >
> > Another minor note that folks should maybe look out for...
> >
> > It seems this message possibly originated from someone on
"nextgentel.com"
> > in norway.  The mail.broadpark.no seems legit.  Dunno for sure, but
> > possibly someone in norway is infected?
> >
> > Also, keep in mind that this virus sends using an SMTP client
> > built into it.. ie. you wont see these messages in your "sent" folder
> > if the virus sends it.
> >
> > (Also, fwiw, the headers note 17:10 UTC as the time this was sent.
> > My event log says my computer was turned on at 11am local time,
> > which is 18:00 UTC.  I'm pretty sure my computer was when this
> > was propagating.)
> >
> > An easy way to see if you are infected is to check if you have oddly
> > named programs in your start menu.
> >
> > More info here including a link to a removal tool...
> >
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.htm
> l
> >
> >
> >
> > > Return-Path: <jlcphoto@wi.rr.com>
> > > Received: from mtiwmhc14 ([127.0.0.1]) by mtiwmhc14.worldnet.att.net
> > >           (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with
> ESMTP
> > >           id
> <20030701171050.JIUL25972.mtiwmhc14.worldnet.att.net@mtiwmhc14>
> > >           for <astropix@worldnet.att.net>; Tue, 1 Jul 2003 17:10:50
> +0000
> > > Received: from mtiwmhc14.worldnet.att.net ([127.0.0.1])
> > >           by mtiwmhc14.worldnet.att.net
> > >           (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with
> ESMTP
> > >           id
> > >
>
<20030701170755.JAGN25972.mtiwmhc14.worldnet.att.net@mtiwmhc14.worldnet.att.
> net>
> > >           for <astropix@worldnet.att.net>; Tue, 1 Jul 2003 17:07:55
> +0000
> > > Received: from mail.broadpark.no ([217.13.4.2])
> > >           by mtiwmhc14.worldnet.att.net (mtiwmhc14) with ESMTP
> > >           id <2003070117075411400q8g2fe>; Tue, 1 Jul 2003 17:07:54
+0000
> > > Received: from byteheaven (68.80-202-100.nextgentel.com
[80.202.100.68])
> > > by mail.broadpark.no (Postfix) with SMTP
> > > id 349EB786D8; Tue,  1 Jul 2003 19:07:47 +0200 (MEST)
> > > From: "Jeff Crilly" <jlcphoto@wi.rr.com>
> > > Subject:  Re: [APML] Question re efficient use of film vs Quality
> > > Message-Id: <20030701170747.349EB786D8@mail.broadpark.no>
> > > Date: Tue,  1 Jul 2003 19:07:47 +0200 (MEST)
> > > To: undisclosed-recipients:;
> > > Mime-Version: 1.0
> > > Content-Type: multipart/mixed;
> >
> > _______________________________________________
> > Astro-Photo mailing list
> > Astro-Photo@seds.org
> > http://seds.org/mailman/listinfo/astro-photo
> >
>
>
> _______________________________________________
> Astro-Photo mailing list
> Astro-Photo@seds.org
> http://seds.org/mailman/listinfo/astro-photo
>
>


_______________________________________________
Astro-Photo mailing list
Astro-Photo@seds.org
http://seds.org/mailman/listinfo/astro-photo

References:
- [APML] Virus with APML subject recieved...
  - From: astropix@att.net
- Re: [APML] Virus with APML subject recieved...
  - From: "Jeff Crilly" <jlcphoto@myrealbox.com>
- Re: [APML] Virus with APML subject recieved...SOLVED?!
  - From: "Joachim Plocinski" <joachimp@broadpark.no>

Prev by Author: [APML] New Browser Good for Astro Photos
Next by Author: Re: [APML] NGC7000 - Still Trying
Prev by thread: Re: [APML] Virus with APML subject recieved...SOLVED?!
Next by thread: Re: [APML] Virus with APML subject recieved...
Index(es):
- Author
- Thread