This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: SPAM - Re: How did I get it?
I'd like to thank all who responded to my query. The cygwin1.dll was indeed
used maliciously. I dumped my McAfee and purchased Norton System Works 2003.
It took me a total of 3 days get my infected machine back up and running.
Most of the difficultly came from the fact that the "worm" and its
associated programs remapped a lot of the registry.
Norton identified 3 worms with the main culprit being Backdoor.SubSeven22.
Two of the exe's being used were wlhsnrbw.exe and avill.exe.
Again - many thanks!
Jack Rose
----- Original Message -----
From: Michael Schaap
To: Jack Rose
Cc: cygwin@cygwin.com
Sent: Saturday, December 14, 2002 7:19 AM
Subject: SPAM - Re: How did I get it?
On 14-Dec-2002 10:11, Max Bowsher wrote:
> Jack Rose <jrose22@columbus.rr.com> wrote:
>
>
>>Could some tell me how the CYGWIN1.DLL ended up on my computer. It
>>seems to have just appeared at 3:09am yesterday and I know I wasn't
>>working at that time.
>>
>>Could this have been uploaded to my machine for malicious purposes?
>>If so, what else should I be looking for, besides a better firewall
>>and virus detector?
>>
>>Any information would be appreciated...
>
>
> Well, someone (apparently not you) installed Cygwin, or a program which
uses
> a cut down Cygwin install to function.
>
And this could indeed be a virus or worm. There is at least one that
includes cygwin1.dll:
http://vil.mcafee.com/dispVirus.asp?virus_k=99529
I'd certainly check your PC carefully for viruses, if I were you.
- Michael
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/