Olympus-OM
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re: [OM] George's (classicVW) computerapparently infectedwith avirus

from John Hermanson
Subject: Re: [OM] George's (classicVW) computerapparently infectedwith avirus
From: John Hermanson <omtech1@xxxxxxxxxxx>
Date: Wed, 14 Jul 2010 08:43:19 -0400 
Here's a free anti spyware tool that has turned up things other programs 
have missed:

http://www.superantispyware.com/
___________________________________
John Hermanson  |   CPS, Inc.
21 South Ln., Huntington NY 11743
631-424-2121  |  www.zuiko.com
Olympus OM Service since 1977
Gallery: www.zuiko.com/album/index.html


Piers Hemy wrote:
> I think anti-spam is an optional extra-cost feature in Norton's array of
> products, so it isn't necessarily a question of which version is in use.
> 
> Piers 
> 
> -----Original Message-----
> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx] 
> Sent: 13 July 2010 13:43
> To: Olympus Camera Discussion
> Subject: Re: [OM] George's (classicVW) computerapparently infectedwith
> avirus
> 
> But it apparently didn't identify it for George who is also running Norton.
> That's why I posed the question about Norton versions.
> 
> Chuck Norcutt
> 
> 
> Piers Hemy wrote:
>> In Jim's words "Right now, it is isolated to the Norton AntiSpam 
>> folder", so it would seem that Norton identified it correctly! Have to 
>> give Norton the nod when it does something (anything?) right.
>>
>> Piers
>>
>> -----Original Message-----
>> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
>> Sent: 13 July 2010 12:09
>> To: Olympus Camera Discussion
>> Subject: Re: [OM] George's (classicVW) computerapparently infectedwith 
>> avirus
>>
>> I didn't think about it right away but, since I agree that the email 
>> itself does not contain a virue, I'm wondering what criterion was used 
>> by Jim's copy of Norton to consign the incoming mail to the virus vault.
>>
>> Chuck Norcutt
>>
>>
>> Piers Hemy wrote:
>>> Indeed yes, Chuck, someone has an infection of some sort, and it 
>>> looks likely that is George. Whether or not it is a virus is hard to 
>>> say - but what is being distributed as a result of the infection 
>>> appears not to be a virus, just a rogue email. But I would guess that 
>>> propagation of the infection is achieved by visiting the website 
>>> linked to in the
>> rogue emails.
>>> The site has not been blacklisted by the checker I looked at
>>> (www.urlvoid.com) but the whois data suggest that an individual in 
>>> Moscow owns the site. Who knows what his plans might be?
>>>
>>> Piers
>>>
>>> -----Original Message-----
>>> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
>>> Sent: 13 July 2010 01:55
>>> To: Olympus Camera Discussion
>>> Subject: Re: [OM] George's (classicVW) computerapparently 
>>> infectedwith avirus
>>>
>>> Thanks.  But is there not some infected machine somewhere on some 
>>> list member's machine that is providing the source of the addresses?  
>>> Or is the swiping of the addresses remote in time and place from the 
>>> current
>> mailings?
>>> I go bonkers trying to read the headers.
>>>
>>> Chuck Norcutt
>>>
>>>
>>> Piers Hemy wrote:
>>>> I agree with you, Chuck, the email itself looks harmless, there is 
>>>> simply a link to another website, which would explain why various AV 
>>>> products do not pick it up.
>>>>
>>>> But it's a bit more subtle than you described, as I did not receive 
>>>> anything from George. Apparently "I" sent the message to someone 
>>>> with an email service run by Tigertech, who duly rejected it for 
>>>> Spam content, and returned it to the list bounce address (which is 
>>>> at thomasclausen.net).  It looks like several others were also 
>>>> returned, as I received an advisory to the effect that several 
>>>> bounces had been
>>> received.
>>>> Inspecting the headers of the one message retirned to me, I see 
>>>> everal addresses beginning with "O", including a few old list 
>>>> addresses, and Moose (olymoose).  I assume that Moose had exchanged 
>>>> email with George at some stage in the past, as have I.
>>>>
>>>> >From the perspective of the recipients, it appears to be no more
>>>>> than
>>>>> a
>>>> further spam source, which so far seems to be trivial in volume 
>>>> compared to all the other stuff that I get (which is a fraction of 
>>>> what I could get if I didn't have a few lines of defence).
>>>>
>>>> Piers
>>>>
>>>> -----Original Message-----
>>>> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
>>>> Sent: 12 July 2010 20:06
>>>> To: Olympus Camera Discussion
>>>> Subject: Re: [OM] George's (classicVW) computerapparently 
>>>> infectedwith avirus
>>>>
>>>> If it's the same thing as I saw (it was on the list) there was no 
>>>> harm in opening the email.  I think the harm might come from 
>>>> clicking on the link in the mail.
>>>>
>>>> Chuck Norcutt
>>>>
>>>>
>>>> Jim Nichols wrote:
>>>>> Chuck,
>>>>> Right now, it is isolated to the Norton AntiSpam folder.  I am a 
>>>>> little bit afraid to try to examine it, for fear of infecting my 
>>>>> computer.  What, specifically, should I look for?
>>>>> Jim Nichols
>>>>> Tullahoma, TN USA
>>>>> ----- Original Message -----
>>>>> From: "Chuck Norcutt" <chucknorcutt@xxxxxxxxxxxxxxxx>
>>>>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>>>>> Sent: Monday, July 12, 2010 12:52 PM
>>>>> Subject: Re: [OM] George's (classicVW) computer apparently 
>>>>> infectedwith avirus
>>>>>
>>>>>
>>>>>> George (and the others) may be very interested to hear that.  He 
>>>>>> has been using a new machine with supposedly a new copy of Norton 
>>>>>> AV which did not pick up the infection.  On my advice he also 
>>>>>> tried a copy of Avast! which didn't pick anything up either.  He'd 
>>>>>> probably be appreciative of your version numbers (code and data)
>>>>>>
>>>>>> Chuck Norcutt
>>>>>>
>>>>>>
>>>>>> Jim Nichols wrote:
>>>>>>> I just checked, and found it in my Norton AntiSpam Folder, as well.  
>>>>>>> It was dated July 10.
>>>>>>>
>>>>>>> Jim Nichols
>>>>>>> Tullahoma, TN USA
>>>>>>> ----- Original Message -----
>>>>>>> From: "Charles Geilfuss" <charles.geilfuss@xxxxxxxxx>
>>>>>>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>>>>>>> Sent: Monday, July 12, 2010 12:19 PM
>>>>>>> Subject: Re: [OM] George's (classicVW) computer apparently 
>>>>>>> infected with avirus
>>>>>>>
>>>>>>>
>>>>>>>> I just noticed that I have received the same e-mail from 
>>>>>>>> ClassicVW at my hospital address that I used to use for the OM List.
>>>>>>>>
>>>>>>>> Charlie
>>>>>>>>
>>>>>>>> On Mon, Jul 12, 2010 at 11:13 AM, Charles Geilfuss < 
>>>>>>>> charles.geilfuss@xxxxxxxxx> wrote:
>>>>>>>>
>>>>>>>>>   John,
>>>>>>>>>          Would you be willing to let them know so we can 
>>>>>>>>> correct the situation? Thanks.
>>>>>>>>>
>>>>>>>>> Charlie
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Jul 12, 2010 at 10:04 AM, John Hermanson
>>>>>>>>> <omtech1@xxxxxxxxxxx>wrote:
>>>>>>>>>
>>>>>>>>>> I've gotten that link with the return addresses of 2 other 
>>>>>>>>>> list members besides George.
>>>>>>>>>> ___________________________________
>>>>>>>>>> John Hermanson  |   CPS, Inc.
>>>>>>>>>> 21 South Ln., Huntington NY 11743
>>>>>>>>>> 631-424-2121  |  www.zuiko.com Olympus OM Service since 1977
>>>>>>>>>> Gallery: www.zuiko.com/album/index.html
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Chuck Norcutt wrote:
>>>>>>>>>>> Based on the last (no subject) email from ClassicVW it would 
>>>>>>>>>>> appear his machine is infected with a virus.  Don't click on 
>>>>>>>>>>> the included link.
>>>>>>>>>>>
>>>>>>>>>>> Chuck Norcutt
>>>>>>>>>> --
>>>>>>>>>> _______________________________________________________________
>>>>>>>>>> _
>>>>>>>>>> _
>>>>>>>>>> Options: 
>>>>>>>>>> http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>>>>>> Archives: 
>>>>>>>>>> http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>> --
>>>>>>>> _________________________________________________________________
>>>>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>>>
>>>>>>>>
>>>>>> --
>>>>>> _________________________________________________________________
>>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>
>>>>>>
>>> --
>>> _________________________________________________________________
>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>
>> --
>> _________________________________________________________________
>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>
-- 
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [OM] Another 3T going cheap........so far, John Hermanson
Next by Date:  Re: [OM] TOPE 43 shooting season announcement (last of the TOPEs?), Willie Wonka
Previous by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Next by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Jim Nichols
Indexes:  [Date] [Thread] [Top] [All Lists]
Sponsored by Tako
Impressum | Datenschutz