On Saturday 31 July 2004 07:35 pm, Ronald KA4INM Youvan wrote:
>
> > Dear user ka4inm@tampabay.rr.com,
> >
> > We have found that your e-mail account was used to send a huge amount of
> > nsolicited e-mail messages during this week.
> > We suspect that your computer had been infected by a recent virus and
> > now runs a trojaned proxy server.
> >
> > Please follow instruction in order to keep your computer safe.
> >
> > Best regards,
> > tampabay.rr.com user support team.
> >
> >
> > file attachment: ka4inm@tampabay.rr.com.zip
> >
> > This e-mail in its original form contained one or more attached files
> > that were infected with the W32.Mydoom.M@mm virus or worm. They have
> > been removed.
>
> Sirs:
>
> I don't think this is possible, and I don't think your advise can help
> me, I have NO Micro$oft products in my home, I operate LINUX exclusively, I
> have since 1997! Also I do not use zip, I use bzip2.
>
> I suggest you look over your log files more carefully for the actual
> sender. I KEEP my internet connection DEAD except when downloading mail,
> browsing (not very much) and while downloading from the news groups, at all
> other times the connection is severed. I am very concerned with MY
> security.
>
> Ron ryouvan@tampabay.rr.com
This message was sent to you by a worm. This has been going on for about a
week now. Tampa Bay RR didn't send this to you... the worm did. I have seen
plenty of these the past week.
It looks like the attachment the worm sends did get stripped off though.
Have a look here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.m%40mm.html
- Rob
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 13:35:51 EDT