Re: [OT] Virus W32/Swen@MM spreading...
Thomas -Balu- Walter wrote:
Okay guys, this is fairly offtopic, but I keep getting _massive_ amounts
of email to my debian-lists address debian@b-a-l-u.de which makes me
believe, that many subscribers here are infected with W32/Swen@MM:
AOL.
Please do this especially if your IP is on the following list:
12.220.112.201
12.221.196.249
24.165.179.214
24.220.0.34
62.147.41.28
62.212.118.46
62.251.0.13
62.47.127.46
63.17.141.143
66.157.254.74
66.68.5.232
67.22.137.192
67.35.120.215
68.106.136.13
68.110.13.181
68.13.98.191
68.5.98.152
68.53.7.239
68.7.60.15
80.56.29.166
81.193.105.245
81.74.14.242
166.82.94.53
194.230.154.90
195.22.163.146
195.242.19.113
200.68.102.9
200.80.137.177
206.116.134.104
209.248.239.146
212.216.176.221
212.216.176.222
213.190.44.30
213.93.220.107
217.136.92.101
218.217.115.152
219.76.116.130
This list is based on the IP of the original sending computer (as recorded by
the mailhost which received the email initially, which I believe is accurate,
correct me if I'm wrong). There may be mistakes in here -- this list was
generated semi-manually.
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html
http://vil.nai.com/vil/content/v_100662.htm
Please get your machines offline and scan them with a recent
Virus-Scanner. I'd suggest to boot to Linux and remove all Windows
partitions anyway, but some of you still seem to need/use it ;)
Balu
--
find / -user your -name base |xargs chown us:us
Reply to: