Olympus-OM
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re: [OM] George's (classicVW) computerapparently infectedwith avirus

from Piers Hemy
Subject: Re: [OM] George's (classicVW) computerapparently infectedwith avirus
From: "Piers Hemy" <piers@xxxxxxxx>
Date: Tue, 13 Jul 2010 09:49:46 +0100 
Indeed yes, Chuck, someone has an infection of some sort, and it looks
likely that is George. Whether or not it is a virus is hard to say - but
what is being distributed as a result of the infection appears not to be a
virus, just a rogue email. But I would guess that propagation of the
infection is achieved by visiting the website linked to in the rogue emails.
The site has not been blacklisted by the checker I looked at
(www.urlvoid.com) but the whois data suggest that an individual in Moscow
owns the site. Who knows what his plans might be?

Piers

-----Original Message-----
From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx] 
Sent: 13 July 2010 01:55
To: Olympus Camera Discussion
Subject: Re: [OM] George's (classicVW) computerapparently infectedwith
avirus

Thanks.  But is there not some infected machine somewhere on some list
member's machine that is providing the source of the addresses?  Or is the
swiping of the addresses remote in time and place from the current mailings?
I go bonkers trying to read the headers.

Chuck Norcutt


Piers Hemy wrote:
> I agree with you, Chuck, the email itself looks harmless, there is 
> simply a link to another website, which would explain why various AV 
> products do not pick it up.
> 
> But it's a bit more subtle than you described, as I did not receive 
> anything from George. Apparently "I" sent the message to someone with 
> an email service run by Tigertech, who duly rejected it for Spam 
> content, and returned it to the list bounce address (which is at 
> thomasclausen.net).  It looks like several others were also returned, 
> as I received an advisory to the effect that several bounces had been
received.
> 
> Inspecting the headers of the one message retirned to me, I see everal 
> addresses beginning with "O", including a few old list addresses, and 
> Moose (olymoose).  I assume that Moose had exchanged email with George 
> at some stage in the past, as have I.
> 
>>From the perspective of the recipients, it appears to be no more than 
>>a
> further spam source, which so far seems to be trivial in volume 
> compared to all the other stuff that I get (which is a fraction of 
> what I could get if I didn't have a few lines of defence).
> 
> Piers
> 
> -----Original Message-----
> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
> Sent: 12 July 2010 20:06
> To: Olympus Camera Discussion
> Subject: Re: [OM] George's (classicVW) computerapparently infectedwith 
> avirus
> 
> If it's the same thing as I saw (it was on the list) there was no harm 
> in opening the email.  I think the harm might come from clicking on 
> the link in the mail.
> 
> Chuck Norcutt
> 
> 
> Jim Nichols wrote:
>> Chuck,
>> Right now, it is isolated to the Norton AntiSpam folder.  I am a 
>> little bit afraid to try to examine it, for fear of infecting my 
>> computer.  What, specifically, should I look for?
>> Jim Nichols
>> Tullahoma, TN USA
>> ----- Original Message -----
>> From: "Chuck Norcutt" <chucknorcutt@xxxxxxxxxxxxxxxx>
>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>> Sent: Monday, July 12, 2010 12:52 PM
>> Subject: Re: [OM] George's (classicVW) computer apparently 
>> infectedwith avirus
>>
>>
>>> George (and the others) may be very interested to hear that.  He has 
>>> been using a new machine with supposedly a new copy of Norton AV 
>>> which did not pick up the infection.  On my advice he also tried a 
>>> copy of Avast! which didn't pick anything up either.  He'd probably 
>>> be appreciative of your version numbers (code and data)
>>>
>>> Chuck Norcutt
>>>
>>>
>>> Jim Nichols wrote:
>>>> I just checked, and found it in my Norton AntiSpam Folder, as well.  
>>>> It was dated July 10.
>>>>
>>>> Jim Nichols
>>>> Tullahoma, TN USA
>>>> ----- Original Message -----
>>>> From: "Charles Geilfuss" <charles.geilfuss@xxxxxxxxx>
>>>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>>>> Sent: Monday, July 12, 2010 12:19 PM
>>>> Subject: Re: [OM] George's (classicVW) computer apparently infected 
>>>> with avirus
>>>>
>>>>
>>>>> I just noticed that I have received the same e-mail from ClassicVW 
>>>>> at my hospital address that I used to use for the OM List.
>>>>>
>>>>> Charlie
>>>>>
>>>>> On Mon, Jul 12, 2010 at 11:13 AM, Charles Geilfuss < 
>>>>> charles.geilfuss@xxxxxxxxx> wrote:
>>>>>
>>>>>>   John,
>>>>>>          Would you be willing to let them know so we can correct 
>>>>>> the situation? Thanks.
>>>>>>
>>>>>> Charlie
>>>>>>
>>>>>>
>>>>>> On Mon, Jul 12, 2010 at 10:04 AM, John Hermanson
>>>>>> <omtech1@xxxxxxxxxxx>wrote:
>>>>>>
>>>>>>> I've gotten that link with the return addresses of 2 other list 
>>>>>>> members besides George.
>>>>>>> ___________________________________
>>>>>>> John Hermanson  |   CPS, Inc.
>>>>>>> 21 South Ln., Huntington NY 11743
>>>>>>> 631-424-2121  |  www.zuiko.com
>>>>>>> Olympus OM Service since 1977
>>>>>>> Gallery: www.zuiko.com/album/index.html
>>>>>>>
>>>>>>>
>>>>>>> Chuck Norcutt wrote:
>>>>>>>> Based on the last (no subject) email from ClassicVW it would 
>>>>>>>> appear his machine is infected with a virus.  Don't click on 
>>>>>>>> the included link.
>>>>>>>>
>>>>>>>> Chuck Norcutt
>>>>>>> --
>>>>>>> ________________________________________________________________
>>>>>>> _
>>>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>>> Archives: 
>>>>>>> http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>>
>>>>>>>
>>>>> --
>>>>> _________________________________________________________________
>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>
>>>>>
>>> --
>>> _________________________________________________________________
>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>
>>>
>>
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/

-- 
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [OM] Missing digest, Piers Hemy
Next by Date:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Previous by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Next by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Indexes:  [Date] [Thread] [Top] [All Lists]
Sponsored by Tako
Impressum | Datenschutz