Re[2]: TB! V1.53bis - virus report
Hi Marck, On Wednesday, June 20, 2001 02:46:15 [ +0100 GMT], you wrote the following in regards to 'TB! V1.53bis - virus report': JR 18:50:42,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat157.tmp,PE_Magistr.A,Unable JR to clean. Infected file was quarantined.,Administrator,Real-time Scan JR Any guidance? Marck 1) You're safe. Thank you. -- Jan Rifkinson Ridgefield, CT USA TB! V1.53d/W2K_SP2/PGP Key ID: 0x3F14A060 ICQ 41116329 -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED]
Re: TB! V1.53bis - virus report
Hi Jan, On Thu, 21 Jun 2001 09:37:47 -0400GMT (21/06/2001, 21:37 +0800GMT), Jan Rifkinson wrote: Thomas In order to stop this error message from occurring and the PC-Cillin Thomas warning to pop up, you need to delete the message direclty on the Thomas server. You can do it with TB's own message despatcher [...] JR I remember there was a way to do this within TB! but I've forgotten JR how. Can you help me with instructions, please. TIA Account / Despatch Mail on Server / All Messages. Untick receive and tick delete for the offending message, and then proceed. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED]
TB! V1.53bis - virus report
Hello TBUDListers. The following was logged by PC-Cillin Anti-Virus program on my machine: Detected Virus List Time,Infected File Name,Virus Name,Action on Virus,User Name,Scan Type 19:59:26,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat17F.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan 19:20:41,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat165.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan 19:10:40,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat161.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan 19:00:42,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat15C.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan 18:50:42,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat157.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan Any guidance? TIA -- Jan Rifkinson Ridgefield, CT USA TB! V1.53bis/W2K_SP2/PGP Key ID: 0x3F14A060 ICQ 41116329 -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : [EMAIL PROTECTED]
Re: TB! V1.53bis - virus report
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Jan, On 21 June 2001 at 20:04:44 -0400 (which was 01:04 where I live) Jan Rifkinson wrote to [EMAIL PROTECTED] and made these points: JR The following was logged by PC-Cillin Anti-Virus program on my JR machine: JR 18:50:42,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat157.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan JR Any guidance? 1) You're safe. This virus has to be executed to infect you. Saving it to disk won't hurt. 2) You may be in a loop. You have been sent the virus. TB is receiving the infected file. 3) As TB writes the infection into a temporary file, PC-Cillin is locking the file out. 4) This may force TB to try and get the message again and fail to complete the download each time. 5) You are safe, even if PC-Cillin didn't lock the file because TB won't run it automatically and you've had the heads up not to run any attachments. - -- Cheers -- .\\arck D. Pearlstone -- List moderator and fellow end user ~~~ \ BrainStorm - free thinking - www: http://www.brainstormsw.com / \ PGP Key ID: 0x929DCDA0 | www: http://www.silverstones.com / v1.53/iKey1000( 55238-48F0B) on Windows NT 5.0.2195 Service Pack 1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (MingW32) Comment: GPG Sealed for freshness iD8DBQE7MVHnOeQkq5KdzaARAn46AJ0cvS/jCISeu/pUUFryPrrvhfIuFACeN3vo 06a4MWfrnjtaUi2bUx4UXzA= =OBq6 -END PGP SIGNATURE- -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : [EMAIL PROTECTED]
Re: TB! V1.53bis - virus report
Hi Marck, On Thu, 21 Jun 2001 02:46:15 +0100GMT (21/06/2001, 09:46 +0800GMT), Marck D Pearlstone wrote: JR The following was logged by PC-Cillin Anti-Virus program on my JR machine: JR 18:50:42,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bat157.tmp,PE_Magistr.A,Unable to clean. Infected file was quarantined.,Administrator,Real-time Scan I had exactly the same today (again). MDP 1) You're safe. This virus has to be executed to infect you. Saving it MDPto disk won't hurt. PC-Cillin won't allow to save it. ;-) MDP 2) You may be in a loop. You have been sent the virus. TB is receiving MDPthe infected file. No, it is not a loop. If you have automatic check every xxx minutes set, then you will get this message each time TB tries to download the infected message. In my case, every 5 minutes. MDP 4) This may force TB to try and get the message again and fail to MDPcomplete the download each time. Exactly. In order to stop this error message from occurring and the PC-Cillin warning to pop up, you need to delete the message direclty on the server. You can do it with TB's own message despatcher (untick receive, but tick delete), or pine, or the web interface if your provider offers one. The problem is that neither PC-Cillin nor TB tell you which account this infected file is on, and you have to check your account logs for this error message: !21/06/2001, 10:37:31: FETCH - [Inbox] could not store message (file name - C:\WINDOWS\TEMP\bat5122.TMP) You still don't know which email it is, so if there are many on the server, you will have to go looking. Of course, you could also disable PC-Cillin and download the infected file. As long as you don't run it, you are safe. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED]