[Pythonmac-SIG] Somebody probably has a virus, please check!
Lance E Sloan
lsloan at umich.edu
Tue Jun 3 10:44:04 EDT 2003
--On Monday, June 2, 2003 11:43 -0700 Kevin Altis <altis at semi-retired.com>
wrote:
> This is getting pretty bad, so I'll make a few suggestions on the
> assumption that this is a result of an Outlook user on Windows. As Jack
> mentioned, they might not be an Outlook user actually on this list or
> even using Outlook, but there is a high probability they are.
I've been looking at some of the bounce messages that include the headers
of the original message. Looks like these messages have been sent from:
66.94.36.16 - To COLEHAAN.HR "at" COLEHAAN.COM
66.83.133.118 - To billr "at" smart.net
131.231.220.151 - To billr "at" smart.net
24.200.14.91 - To dmg "at" research.att.com
203.125.27.152 - To sales "at" rarreg.com
203.125.27.152 - To sales "at" tfmik.ru
66.66.49.19 - To aruss "at" oucsace.cs.ohiou.edu
203.87.28.190 - To support "at" prosoft.dk
66.119.218.75 - To naradamoon "at" libero.it
144.138.82.239 - To davidwa "at" caa.org.au
203.125.110.223 - To jessecarter "at" nasdaq.com
These are from all over the place. Several are in Singapore. I assume
these are all infected Windoze machines. Should somebody at python.org
contact these ISPs and tell them that they need to alert their customers
that they've got viruses?
The viruses mentioned in some of the messages are:
Win32.HLLM.Reteras.3
W32.Klez.H at mm
W32/Sobig.dam
W32/Sobig.eml
W32.Sobig.C at mm
--
Lance E Sloan
U-M WATS: Web Applications, Technologies, and Solutions
Full-service web and database design, development, and hosting.
http://websvcs.itd.umich.edu/ - "Putting U on the Web"
More information about the Pythonmac-SIG
mailing list