Loading ...
Sorry, an error occurred while loading the content.

Re: Honey [virus]

Expand Messages
  • Alejandro L√≥pez-Valencia
    ... From: Aschwin Marsman - aYniK Software Solutions To: Vim Development Sent: Sunday, August 04, 2002 12:39 AM
    Message 1 of 3 , Aug 4, 2002
    • 0 Attachment
      ----- Original Message -----
      From: "Aschwin Marsman - aYniK Software Solutions" <a.marsman@...>
      To: "Vim Development" <vim-dev@...>
      Sent: Sunday, August 04, 2002 12:39 AM
      Subject: Re: Honey [virus]


      > On Sat, 3 Aug 2002, guckes wrote:
      >
      > This looks like a virus to me, can it be removed from the archive?
      > (I don't have a virus scanner on Linux, so I can't tell which virus ;-) )

      Nope, the safest bet is to delete the whole thing, unless you are a virus
      collector.

      MacAffee Antivirus proxy (between my ISP MTA and the wild, wild west)
      deleted the virus attachement and replaced it with the following:

      """
      File attachment: the.exe

      The file attached to this email was removed because it was infected with the
      W32.Klez.H@mm virus.
      """

      and with another attachement with the name "bobthebuilder[2].htm". Surfing
      the web with the kids? :) Far better than Sesame Street, btw. :)

      BTW, considering the message ID:
      20020804010405.RXYU5628.out001.verizon.net@Bbay I'd suspect that
      foobar.math.fu-berlin.de ([160.45.45.151]) has been compromised, probably by
      having installed the OpeSHH 3.4p1 trojaned copy (see openssh's web site for
      the details)? Because I wonder if, (1) has Sven Guckes moved to the US and
      using Verizon as ISP? (2) Does Sven Guckes use a Microsoft OS and e-mail
      client susceptible to an attack with a W32.Klez variant? (I do and therefore
      keep my own antivirus email proxy current in case my ISP's isn't), (3) Does
      foobar.math.fu-berlin.de allow third-party relaying?.
    Your message has been successfully submitted and would be delivered to recipients shortly.