worm, anyone?
Peter Murray
pete@partnercomm.com
Tue Nov 16 10:40:06 EST 2004
It would appear that someone on the Boston Radio Interest list has a
worm on his machine. I have started irregularly receiving emails
directly from "Igochuckigo@maine.rr.com" (and I can't imagine it's him -
never!) with a malicious payload attached.
If you happen to be a Verizon Online (DSL or dialup) customer, you just
may be the source: pool-70-17-146-40.wma.east.verizon.net was the
originating DNS name for the IP address (70.17.146.40).
The payload is attempting to further spread W32/Bagle.az@MM (known under
a few other names as well). Information on detection and cleanup is
available at any of these sites:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.AU
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.aw@mm.html
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=129511
-Peter
Peter Murray (N3IXY)
Vienna, VA
More information about the Boston-Radio-Interest
mailing list