Re: beat this seems like spam to me
Hello Dragan others on this TB! list following this thread, I wrote this yesterday but didn't log back on to send it. Judging from the comments that came in later, the file containing the virus evidently did NOT come in via TBUDL. IAC, the name of the file is the critical concern here. Monday, July 02, 2001, you stated, apparently regarding a file that was sent to TBUDL with a message by Mark Brown w/ the subject: beat this: HM Maybe I'm overdoing here but anyway: HM My PC Cillin repported a virus in the Attach folder of my TB directory. The HM virus was quaranteed and upon sending it to the PC Clillin's analyzing team HM I've got this ( including the file which fixes everything if the virus was HM maybe was already executed etc ) : Thanks for telling the rest of us. It would help to mention the NAME of the file. The virus info you included is very interesting, but the fundamental issue is whether the file containing it came through or not. If it was sent in a message posted by Mark Brown with the above subject, JoAnne Virant stated: JV whatever you sent was removed by the bat demon in relation to that. So once again: *What is the name of the file*? I show no attachment with that post. Douglas HM HM Dear Customer, HM Thank you for contacting the Virus Doctor @ Trend Micro. We HM received your e-mail with attachment. HM The file you send us has been detected as PE_Magistr.A by our HM Trend InterScan. HM PE_MAGSITR.A is a per-process, memory-resident, polymorphic HM virus that is similar to TROJ_MTX.A -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Listers. On Monday, July 02, 2001 11:18:46 [ +0800 GMT], Thomas F wrote the following in regards to 'beat this seems like spam to me': Thomas Yeah, the little problem with the PC-Cillin / TB combination is that Thomas you never know which mail exactly cotnained the virus. You don't even Thomas know which account was effected. I use this combination had occassion to have a virus quaranteed. Until I dumped all the new read files in my folders PC-cillin continued to quarantine it but I didn't know the name of the file. So what do you do if you get a PC-cillin quarantine msg? -- Jan Rifkinson Ridgefield, CT USA TB! V1.53d/W2K_SP2/PGP Key ID: 0x3F14A060 ICQ 41116329 -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
OT: Virus-catching by PC-Cillin (was: beat this seems like spam to me)
Hello Jan, On Tue, 3 Jul 2001 09:37:30 -0400 GMT (03/07/2001, 21:37 +0800 GMT), Jan Rifkinson wrote: JR So what do you do if you get a PC-cillin quarantine msg? If the PC-Cillin window pops up while I check mail, I check the account logs for the below error message, which I psoted on this list as an example, with message-ID [EMAIL PROTECTED]: !21/06/2001, 10:37:31: FETCH - [Inbox] could not store message (file name - C:\WINDOWS\TEMP\bat5122.TMP) I then use the despatcher to delete the message from the server. If the virus is already in the message base (because PC-Cillin didn't run when the message was downloaded or whatever), I have posted a step-by-step instruction how to identify the message (out of thousands) with message-ID [EMAIL PROTECTED] yesterday. f'up2TBOT -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Planet: A body of Earth surrounded by sky. Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 using an Intel Celeron 366Mhz, 128MB RAM -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Douglas, 3. julij 2001, 15:16:16, you wrote: Thanks for telling the rest of us. It would help to mention the NAME of the file. The virus info you included is very interesting, but the fundamental issue is whether the file containing it came through or not. Magistr has a bad habit to use the name of infected file... I received it as cfgwiz32.exe (ISDN configuration wizard), telnet.exe and as sysmon.exe. And anyway, we already know that the file didn't come through. -- Jernej Simoncic, [EMAIL PROTECTED] http://www2.arnes.si/~sopjsimo/ ICQ: 26266467 [The Bat! v1.53d on Windows 98 4.10.1998] -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
beat this seems like spam to me
RHello Thomas, Tuesday, July 03, 2001, 5:18:46 AM, you wrote: TF Yeah, the little problem with the PC-Cillin / TB combination is that TF you never know which mail exactly cotnained the virus. You don't even TF know which account was effected. OK, but if I store the attachments in the message bodies ? Right now they're separated in the Account Properties. If I put them together I'll be able to tell which message contained the virus. Right ? Wrong ? Thanks. -- Kind regards, Homesick Mac http://www.homesickmac.com -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Douglas, Tuesday, July 03, 2001, 3:16:16 PM, you wrote: DH So once again: *What is the name of the file*? I show no attachment DH with that post. DH Douglas Yepps, the file was SLFSRVSW.EXE. Here's the complete virus log: Detected Virus List Time,Infected File Name,Virus Name,Action On Virus,User Name,Scan Type 23:13:51,D:\ANTIVIRUS\PC-CILLIN\QUARANTINE\E021.TMP,PE_Magistr.A,Unable to clean,Mac,Quarantine Scan 23:13:42,D:\ANTIVIRUS\PC-CILLIN\QUARANTINE\9211.TMP,TROJ_HYBRIS.M,Unable to clean,Mac,Quarantine Scan 22:12:29,D:\ANTIVIRUS\PC-CILLIN\QUARANTINE\SLFSRVSW.EXE,PE_Magistr.A,Unable to clean or quarantine infected file.,Mac,Real-time Scan 22:11:59,D:\ANTIVIRUS\PC-CILLIN\QUARANTINE\SLFSRVSW.EXE,PE_Magistr.A,Unable to clean or quarantine infected file.,Mac,Real-time Scan 19:51:36,D:\ANTIVIRUS\PC-CILLIN\QUARANTINE\SLFSRVSW.EXE,PE_Magistr.A,Unable to clean or quarantine infected file.,Mac,Real-time Scan -- Kind regards, Homesick Mac http://www.homesickmac.com -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Jul 2001 01:23:13 +0200, Homesick graced us with these comments: ... TF Yeah, the little problem with the PC-Cillin / TB combination is that TF you never know which mail exactly cotnained the virus. You don't even TF know which account was effected. I personally use DrWeb and have the same problem in that Dr Web will detect the virus but will not be able to tell me exactly which message it's associated with. It will only tell me which message base is involved. I then search for the attachment. Of course, if you have the attachments stored separately, Dr Web will locate the virus. It will again not be able to tell you which message it came from. HM OK, but if I store the attachments in the message bodies ? Same problem. HM Right now they're separated in the Account Properties. If I put them HM together I'll be able to tell which message contained the virus. Right HM ? Wrong ? AFAIK and you still will not be able to tell. Wouldn't the anti-virus program have to be optimised to handle TB message bases in order to locate and extract just the virus from the message base file? Otherwise it will delete the entire message base when you ask that the infected file be deleted. The only way I can see you knowing exactly which message is infected is when the message is scanned upon receipt or you manually scan attachments. - -- ©Allie C. Martin List Moderator (and fellow registered end-user) Using The Bat! (v1.53d) [OS: Windows 2000 (Service Pack 2)] - 'Oxymoron: Science Fiction.' __ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (MingW32) Comment: Get my Public Key here - http://pgpkey.ac-martin.com iEYEARECAAYFAjtCV5kACgkQV8nrYCsHF+KXDACg4/kv3TcrIIa2K/wo/L5m9fCw 1mMAoL8av4GsRTIlmhu0c4j3QDNQRj8m =Zu6q -END PGP SIGNATURE- -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Allie, Wednesday, July 04, 2001, 1:39:04 AM, you wrote: ACM The only way I can see you knowing exactly which message is infected is ACM when the message is scanned upon receipt or you manually scan attachments. Right. The only thing I'll have to do is to tell my PC Cillin _not_ to automaticaly quarantine the uncleanable infected files. In the options it says: Action on uncleanable files: Quarantine - Delete - Pass - Rename Here I could maybe chose Pass and later scan the whole TB directory. It might work. -- Kind regards, Homesick Mac http://www.homesickmac.com -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Jul 2001 01:56:15 +0200, Homesick thoughtfully wrote the following: ... HMThe only thing I'll have to do is to tell my PC Cillin _not_ to automaticaly HMquarantine the uncleanable infected files. In the options it says: HMAction on uncleanable files: HMQuarantine - Delete - Pass - Rename Hmmm. Makes me wonder if this option could be the reason behind some users mysteriously missing a whole folder of messages, the base files disappearing without a trace. - -- ©Allie C. Martin List Moderator (and fellow registered end-user) Using The Bat! (v1.53d) [OS: Windows 2000 (Service Pack 2)] - 'Procrastination: The art of keeping up with yesterday.' __ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (MingW32) Comment: Get my Public Key here - http://pgpkey.ac-martin.com iEYEARECAAYFAjtCdfUACgkQV8nrYCsHF+LhMgCfbQ030u8BRaAV1YVIlUz9uGDF U+IAniQgRKmQH1PCSBlJj2sUzIW6FNfD =KvVD -END PGP SIGNATURE- -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hi Mac, On Wed, 4 Jul 2001 01:56:15 +0200GMT (04/07/2001, 07:56 +0800GMT), Homesick Mac wrote: HMQuarantine - Delete - Pass - Rename HMHere I could maybe chose Pass and later scan the whole TB directory. It HMmight work. ironic mode You can also turn of PC-Cillin altogether. It would have the same effect. /ironic mode -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hi Allie, On Tue, 3 Jul 2001 18:39:04 -0500GMT (04/07/2001, 07:39 +0800GMT), A Curtis Martin wrote: ACM Wouldn't the anti-virus program have to be optimised to handle TB message ACM bases in order to locate and extract just the virus from the message base ACM file? Otherwise it will delete the entire message base when you ask that ACM the infected file be deleted. Correct. For any AV-program, the whole message base is one file. In order to identify the message with the attachment in its body, you have export all messages, which makes them seperate *.msg files. And then scan these individual files. ACM The only way I can see you knowing exactly which message is infected is ACM when the message is scanned upon receipt No, because the error message will identify the file bat1276.tmp as the infected one. Yes, this is the message, but you don't know right away which one it is. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Jul 2001 10:25:27 +0800, Thomas graced us with these comments: ... ACM Wouldn't the anti-virus program have to be optimised to handle TB message ACM bases in order to locate and extract just the virus from the message base ACM file? Otherwise it will delete the entire message base when you ask that ACM the infected file be deleted. TF Correct. For any AV-program, the whole message base is one file. In TF order to identify the message with the attachment in its body, you TF have export all messages, which makes them seperate *.msg files. And TF then scan these individual files. Ok then. This isn't surprising. ACM The only way I can see you knowing exactly which message is infected is ACM when the message is scanned upon receipt TF No, because the error message will identify the file bat1276.tmp as TF the infected one. Yes, this is the message, but you don't know right TF away which one it is. So what do you do in that situation? Manually inspect all your recently downloaded mail? - -- ©Allie C. Martin List Moderator (and fellow registered end-user) Using The Bat! (v1.53d) [OS: Windows 2000 (Service Pack 2)] - '(A)bort, (R)etry, (G)et a beer?' __ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (MingW32) Comment: Get my Public Key here - http://pgpkey.ac-martin.com iEYEARECAAYFAjtCgiUACgkQV8nrYCsHF+KhtQCgoIOp5tnwaJiBax6FT2U8q/5n vaIAn29vLzg+ZqM6NQSFymFpsf5KqdQd =e3ZM -END PGP SIGNATURE- -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hi Allie, On Tue, 3 Jul 2001 21:40:35 -0500GMT (04/07/2001, 10:40 +0800GMT), A Curtis Martin wrote: TF No, because the error message will identify the file bat1276.tmp as TF the infected one. Yes, this is the message, but you don't know right TF away which one it is. ACM So what do you do in that situation? Manually inspect all your recently ACM downloaded mail? No, I check the account logs for the error message couldn't rigfht to inbox or something. See my mail of last night. Then I go into that account with the mail despatcher, and have not had a problem identifying the offending message by sight. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hello Mark (or is it Paul?), Thursday, June 28, 2001, 3:20:18 PM, you wrote: MB Hello BatList, MB -- MB Have Great Day, Mark Brown MB °¨¨°º©[ WWW.MARKBROWN.COM ]©º°¨¨° MB Using The Bat! 1.52f MB Windows NT 4.0 Build 1381 MB Service Pack 4 Was this an attempt to submit a Virus/trojan AND spam? -- Best regards, Preston _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Preston, Monday, July 02, 2001, 3:21:30 PM, you wrote: P Hello Mark (or is it Paul?), P Thursday, June 28, 2001, 3:20:18 PM, you wrote: MB Hello BatList, MB -- MB Have Great Day, Mark Brown MB °¨¨°º©[ WWW.MARKBROWN.COM ]©º°¨¨° MB Using The Bat! 1.52f MB Windows NT 4.0 Build 1381 MB Service Pack 4 P Was this an attempt to submit a Virus/trojan AND spam? Maybe I'm overdoing here but anyway: My PC Cillin repported a virus in the Attach folder of my TB directory. The virus was quaranteed and upon sending it to the PC Clillin's analyzing team I've got this ( including the file which fixes everything if the virus was maybe was already executed etc ) : Dear Customer, Thank you for contacting the Virus Doctor @ Trend Micro. We received your e-mail with attachment. The file you send us has been detected as PE_Magistr.A by our Trend InterScan. PE_MAGSITR.A is a per-process, memory-resident, polymorphic virus that is similar to TROJ_MTX.A. It uses complex routines and anti-debugging techniques, which make it very difficult to analyze. It has both a virus component and a Trojan component that infect the local system as well as all files with .EXE and .SCR extensions. Upon execution, this Trojan infects Windows System files and then sends infected files via MS Outlook/Outlook Express/Netscape Navigator to all addresses listed in the infected user's Windows and Outlook Express address book. Its destructive payload trashes the primary hard disk drive controller, overwrites CMOS RAM, and erases flash memory (BIOS). Due to its polymorphic nature the email that this Trojan comes with does not have a static subject line, message body, or attachment filename. To be able to clean all detected files, please run the attached tool. Before running the tool, read the readme.txt first for instructions. Below is the hyperlink which describes PE_MAGISTR.A. http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=PE_MAGISTR.A To get rid of a Trojan, simply delete the program. Please update your pattern file and scan engine regularly to keep you safe from virus attack. Download the latest pattern at this site: http://www.antivirus.com/download/pattern.asp Download the latest scan engine at this site: http://www.antivirus.com/download/engines If you have any other inquiries, please feel free to contact us. Thank you and have a nice day! Sincerely, Emmy Lou D. Dy Virus Watch Team, AntiVirus Group TrendLabs, Trend Micro, Inc. URL: http://www.antivirus.com/ Additional Resources = Weekly Virus Report: http://www.antivirus.com/Trendsetter/virus_report/default.htm Virus Encyclopedia: http://www.antivirus.com/vinfo/virusencyclo/default.asp Solution Bank: http://solutionbank.antivirus.com/solutions/solutionSearch.asp HouseCall (free scanner): http://www.trend.com/free_tools/default.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: None To: US PCC Doctor Subject: Virus Submission from PCC6 User. PCEW-0019-9479-8502-2362 serial number [Registration] First_Name=Dragan Ruzic [EMAIL PROTECTED] PCC601=111064 [EMAIL PROTECTED] [UPDATE] ;--- Title TITLE=PC-cillin v6.072 ;--- Program 1(Main, I/O monitor, else...) PROGRAM=16 PROGRAM_SIZE= ;--- Engine(VSAPI32.VxD) ENGINE=19 ENGINE_SIZE=284518 ;--- Filter32.VxD FILTER=18 FILTER_SIZE=29471 ;--- VBSCAN VBSCAN=10 VBSCAN_SIZE= ;--- Pattern PATTERN=907 PATTERN_SIZE=853808 ;--- Readme RELEASE=7 RELEASE_SIZE= -- -- Kind regards, Homesick Mac http://www.homesickmac.com Homesick Mac mailto:[EMAIL PROTECTED] -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hello Listers, On Mon, 2 Jul 2001, at 16:15:14 [GMT +0200] (which was 16:15 where I live) Homesick wrote: HM My PC Cillin repported a virus in the Attach folder of my TB HM directory. So you *did* receive an attachment?? I got this line at the end of the message: [ attachment or non text part has been remove by MDaemon ] Im not quite sure if it was *my* MDaemon who remove the attachment (great) or it was the dutaint one (better) -- Chema Berian mailto:[EMAIL PROTECTED] Spanish GDUTB Moderator Suscriptions: mailto:[EMAIL PROTECTED] Using The Bat! 1.53bis on Windows NT 5.0 Build 2195 Service Pack 2 TB Tip of the Moment: You can use separate templates for new, reply and forward messages in the folders you have created - check out Folder | Properties dialogue. PGP keys available: mailto:[EMAIL PROTECTED]?Subject=SendMyPGPkeys -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re[2]: beat this seems like spam to me
Hello Chema, Monday, July 02, 2001, 11:15:31 PM, you wrote: CB Hello Listers, CB On Mon, 2 Jul 2001, at 16:15:14 [GMT +0200] (which was 16:15 where I CB live) Homesick wrote: HM My PC Cillin repported a virus in the Attach folder of my TB HM directory. CB So you *did* receive an attachment?? I guess I did :-) CB I got this line at the end of the message: CB [ attachment or non text part has been remove by MDaemon ] Here's how it happened. When I closed TB and thought about turning off the PC, the little window by PC Cillin was up there on my desktop saying Virus found listing the path to the TB directory, and into the Attach folder. Now, what I don't know is if the virus maybe came with some other message, I get quite enough spam and it doesn't have to be TBUDL I've got it from, eah ? -- Kind regards, Homesick Mac http://www.homesickmac.com -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Chema, On 02 July 2001 at 23:15:31 +0200 (which was 22:15 where I live) Chema Berian wrote to Homesick Mac and made these points: CB [ attachment or non text part has been remove by MDaemon ] CB Im not quite sure if it was *my* MDaemon who remove the attachment CB (great) or it was the dutaint one (better) TBUDL removes attachments with the above disclaimer. TBBETA and TBTECH don't. - -- Cheers -- .\\arck D. Pearlstone -- List moderator and fellow end user ~~~ \ BrainStorm - free thinking - www: http://www.brainstormsw.com / \ PGP Key ID: 0x929DCDA0 | www: http://www.silverstones.com / SB! v1.53d/iKey1000 55238-48F0B on Windows NT 5.0.2195 Service Pack 1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (MingW32) Comment: GPG Sealed for freshness iD8DBQE7QPCaOeQkq5KdzaARAt+LAKDrFKrkpABqFcsDtV84pb59Gh3YqACgqev0 0+BbrABtB/yY+068JN2EgOY= =5wyU -END PGP SIGNATURE- -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org
Re: beat this seems like spam to me
Hi Mac, On Mon, 2 Jul 2001 23:44:55 +0200GMT (03/07/2001, 05:44 +0800GMT), Homesick Mac wrote: HM Here's how it happened. When I closed TB and thought about turning off the HM PC, the little window by PC Cillin was up there on my desktop saying HM Virus found listing the path to the TB directory, and into the Attach HM folder. Yeah, the little problem with the PC-Cillin / TB combination is that you never know which mail exactly cotnained the virus. You don't even know which account was effected. HM Now, what I don't know is if the virus maybe came with some other message, I HM get quite enough spam and it doesn't have to be TBUDL I've got it from, HM eah ? Right. I didn't get the virus notification, so I don't think it was the posting here that caused the alarm on your machine. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Anmeldung unter: [EMAIL PROTECTED] Message reply created with The Bat! 1.53d under Chinese Windows 98 4.10 Build 1998 on a Pentium II/350 MHz. -- __ Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Unsubscribe: mailto:[EMAIL PROTECTED] You are subscribed as : archive@jab.org