Olympus-OM
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re: [OM] George's (classicVW) computerapparently infectedwith avirus

from Piers Hemy
Subject: Re: [OM] George's (classicVW) computerapparently infectedwith avirus
From: "Piers Hemy" <piers@xxxxxxxx>
Date: Tue, 13 Jul 2010 15:24:48 +0100 
I think anti-spam is an optional extra-cost feature in Norton's array of
products, so it isn't necessarily a question of which version is in use.

Piers 

-----Original Message-----
From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx] 
Sent: 13 July 2010 13:43
To: Olympus Camera Discussion
Subject: Re: [OM] George's (classicVW) computerapparently infectedwith
avirus

But it apparently didn't identify it for George who is also running Norton.
That's why I posed the question about Norton versions.

Chuck Norcutt


Piers Hemy wrote:
> In Jim's words "Right now, it is isolated to the Norton AntiSpam 
> folder", so it would seem that Norton identified it correctly! Have to 
> give Norton the nod when it does something (anything?) right.
> 
> Piers
> 
> -----Original Message-----
> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
> Sent: 13 July 2010 12:09
> To: Olympus Camera Discussion
> Subject: Re: [OM] George's (classicVW) computerapparently infectedwith 
> avirus
> 
> I didn't think about it right away but, since I agree that the email 
> itself does not contain a virue, I'm wondering what criterion was used 
> by Jim's copy of Norton to consign the incoming mail to the virus vault.
> 
> Chuck Norcutt
> 
> 
> Piers Hemy wrote:
>> Indeed yes, Chuck, someone has an infection of some sort, and it 
>> looks likely that is George. Whether or not it is a virus is hard to 
>> say - but what is being distributed as a result of the infection 
>> appears not to be a virus, just a rogue email. But I would guess that 
>> propagation of the infection is achieved by visiting the website 
>> linked to in the
> rogue emails.
>> The site has not been blacklisted by the checker I looked at
>> (www.urlvoid.com) but the whois data suggest that an individual in 
>> Moscow owns the site. Who knows what his plans might be?
>>
>> Piers
>>
>> -----Original Message-----
>> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
>> Sent: 13 July 2010 01:55
>> To: Olympus Camera Discussion
>> Subject: Re: [OM] George's (classicVW) computerapparently 
>> infectedwith avirus
>>
>> Thanks.  But is there not some infected machine somewhere on some 
>> list member's machine that is providing the source of the addresses?  
>> Or is the swiping of the addresses remote in time and place from the 
>> current
> mailings?
>> I go bonkers trying to read the headers.
>>
>> Chuck Norcutt
>>
>>
>> Piers Hemy wrote:
>>> I agree with you, Chuck, the email itself looks harmless, there is 
>>> simply a link to another website, which would explain why various AV 
>>> products do not pick it up.
>>>
>>> But it's a bit more subtle than you described, as I did not receive 
>>> anything from George. Apparently "I" sent the message to someone 
>>> with an email service run by Tigertech, who duly rejected it for 
>>> Spam content, and returned it to the list bounce address (which is 
>>> at thomasclausen.net).  It looks like several others were also 
>>> returned, as I received an advisory to the effect that several 
>>> bounces had been
>> received.
>>> Inspecting the headers of the one message retirned to me, I see 
>>> everal addresses beginning with "O", including a few old list 
>>> addresses, and Moose (olymoose).  I assume that Moose had exchanged 
>>> email with George at some stage in the past, as have I.
>>>
>>> >From the perspective of the recipients, it appears to be no more
>>>> than
>>>> a
>>> further spam source, which so far seems to be trivial in volume 
>>> compared to all the other stuff that I get (which is a fraction of 
>>> what I could get if I didn't have a few lines of defence).
>>>
>>> Piers
>>>
>>> -----Original Message-----
>>> From: Chuck Norcutt [mailto:chucknorcutt@xxxxxxxxxxxxxxxx]
>>> Sent: 12 July 2010 20:06
>>> To: Olympus Camera Discussion
>>> Subject: Re: [OM] George's (classicVW) computerapparently 
>>> infectedwith avirus
>>>
>>> If it's the same thing as I saw (it was on the list) there was no 
>>> harm in opening the email.  I think the harm might come from 
>>> clicking on the link in the mail.
>>>
>>> Chuck Norcutt
>>>
>>>
>>> Jim Nichols wrote:
>>>> Chuck,
>>>> Right now, it is isolated to the Norton AntiSpam folder.  I am a 
>>>> little bit afraid to try to examine it, for fear of infecting my 
>>>> computer.  What, specifically, should I look for?
>>>> Jim Nichols
>>>> Tullahoma, TN USA
>>>> ----- Original Message -----
>>>> From: "Chuck Norcutt" <chucknorcutt@xxxxxxxxxxxxxxxx>
>>>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>>>> Sent: Monday, July 12, 2010 12:52 PM
>>>> Subject: Re: [OM] George's (classicVW) computer apparently 
>>>> infectedwith avirus
>>>>
>>>>
>>>>> George (and the others) may be very interested to hear that.  He 
>>>>> has been using a new machine with supposedly a new copy of Norton 
>>>>> AV which did not pick up the infection.  On my advice he also 
>>>>> tried a copy of Avast! which didn't pick anything up either.  He'd 
>>>>> probably be appreciative of your version numbers (code and data)
>>>>>
>>>>> Chuck Norcutt
>>>>>
>>>>>
>>>>> Jim Nichols wrote:
>>>>>> I just checked, and found it in my Norton AntiSpam Folder, as well.  
>>>>>> It was dated July 10.
>>>>>>
>>>>>> Jim Nichols
>>>>>> Tullahoma, TN USA
>>>>>> ----- Original Message -----
>>>>>> From: "Charles Geilfuss" <charles.geilfuss@xxxxxxxxx>
>>>>>> To: "Olympus Camera Discussion" <olympus@xxxxxxxxxxxxxxxxx>
>>>>>> Sent: Monday, July 12, 2010 12:19 PM
>>>>>> Subject: Re: [OM] George's (classicVW) computer apparently 
>>>>>> infected with avirus
>>>>>>
>>>>>>
>>>>>>> I just noticed that I have received the same e-mail from 
>>>>>>> ClassicVW at my hospital address that I used to use for the OM List.
>>>>>>>
>>>>>>> Charlie
>>>>>>>
>>>>>>> On Mon, Jul 12, 2010 at 11:13 AM, Charles Geilfuss < 
>>>>>>> charles.geilfuss@xxxxxxxxx> wrote:
>>>>>>>
>>>>>>>>   John,
>>>>>>>>          Would you be willing to let them know so we can 
>>>>>>>> correct the situation? Thanks.
>>>>>>>>
>>>>>>>> Charlie
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Jul 12, 2010 at 10:04 AM, John Hermanson
>>>>>>>> <omtech1@xxxxxxxxxxx>wrote:
>>>>>>>>
>>>>>>>>> I've gotten that link with the return addresses of 2 other 
>>>>>>>>> list members besides George.
>>>>>>>>> ___________________________________
>>>>>>>>> John Hermanson  |   CPS, Inc.
>>>>>>>>> 21 South Ln., Huntington NY 11743
>>>>>>>>> 631-424-2121  |  www.zuiko.com Olympus OM Service since 1977
>>>>>>>>> Gallery: www.zuiko.com/album/index.html
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Chuck Norcutt wrote:
>>>>>>>>>> Based on the last (no subject) email from ClassicVW it would 
>>>>>>>>>> appear his machine is infected with a virus.  Don't click on 
>>>>>>>>>> the included link.
>>>>>>>>>>
>>>>>>>>>> Chuck Norcutt
>>>>>>>>> --
>>>>>>>>> _______________________________________________________________
>>>>>>>>> _
>>>>>>>>> _
>>>>>>>>> Options: 
>>>>>>>>> http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>>>>> Archives: 
>>>>>>>>> http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>>>>
>>>>>>>>>
>>>>>>> --
>>>>>>> _________________________________________________________________
>>>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>>>
>>>>>>>
>>>>> --
>>>>> _________________________________________________________________
>>>>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>>>>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>>>>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>>>>
>>>>>
>> --
>> _________________________________________________________________
>> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
>> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
>> Themed Olympus Photo Exhibition: http://www.tope.nl/
>>
> --
> _________________________________________________________________
> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
> Themed Olympus Photo Exhibition: http://www.tope.nl/
> 
-- 
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/

-- 
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [OM] ( OM ) TOPE and its future, Walters, Martin
Next by Date:  Re: [OM] TOPE 43 shooting season announcement (last of the TOPEs?), Michael Collins
Previous by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Next by Thread:  Re: [OM] George's (classicVW) computerapparently infectedwith avirus, Chuck Norcutt
Indexes:  [Date] [Thread] [Top] [All Lists]
Sponsored by Tako
Impressum | Datenschutz