From: Can BAYTAN M.D. (Physiology) (cbaytan@meds.ktu.edu.tr)
Date: Tue 22 May 2001 - 05:31:03 EEST
Selamlar,
Amavis ve uvscan'i install ettikten sonra scan'in gorebildigi virusleri
yakalamaya basladik, simdi bilkent listesine gelen bir maildede virus
bulununca postmaster'a gelen virus alarminin listedeki arkadaslar tarafindan
gorulmesininin yararli olacagini sandigim icin sizlerede forward ediyorum.
2 haftalik bir kullanimdan sonra windoze dunyasinin virus kaynadigini
gozumle gordum, ogretim elemanlarini korumak amaci olmasa neredeyse sadistce
birakin yasasinlar mikroplarla diyesim geliyor ama diyemiyorum.
Iyi calismalar herkese
Can Baytan M.D. http://meds.ktu.edu.tr/cbaytan/cbaytan.html
Karadeniz (Blacksea) Technical University
Medical School, Dept. of Physiology--Trabzon/TR
Fax:+90(462)377-5498 cbaytan@yahoo.com (BX15TGE)
---------- Forwarded message ----------
Date: Mon, 21 May 2001 21:39:49 +0300
From: postmaster@meds.ktu.edu.tr
To: virusalert@meds.ktu.edu.tr
Subject: FOUND VIRUS IN MAIL from linux@listweb.bilkent.edu.tr to linux
The attached mail has been found to contain a virus
Originally /usr/sbin/scanmails -f linux@listweb.bilkent.edu.tr -Y -a -d linux
The mail has been stored as /var/virusmails/root/virus-20010521-2944
xxxxxxxxxxxxxxxxxxMon May 21 21:39:45 EEST 2001xxxxxxxxxxxxxxxxxxxxxxx
scanmails (0.2.1) called -f linux@listweb.bilkent.edu.tr -Y -a -d linux
FROM: linux@listweb.bilkent.edu.tr
TO: linux
maxlevel: 0
Unziping self extracting CDCACHE.EXE
Contents of /var/tmp/scanmails2944/unpacked
/var/tmp/scanmails2944/unpacked:
total 112
drwxr-xr-x 3 root root 4096 May 21 21:39 .
drwx------ 3 root root 4096 May 21 21:39 ..
-rw-r--r-- 1 root root 15 May 21 21:39 1-mm.srh5Gj
-rw-r--r-- 1 root root 91136 May 21 21:39 CDCACHE.EXE
drwxr-xr-x 2 root root 4096 May 21 21:39 SFX
-rw------- 1 root root 0 May 21 21:39 mm.srh5Gj
/var/tmp/scanmails2944/unpacked/SFX:
total 8
drwxr-xr-x 2 root root 4096 May 21 21:39 .
drwxr-xr-x 3 root root 4096 May 21 21:39 ..
Scanning /var/tmp/scanmails2944/unpacked/*
Scanning file /var/tmp/scanmails2944/unpacked/mm.srh5Gj
/var/tmp/scanmails2944/unpacked/mm.srh5Gj
File too small to have a known virus.
Scanning file /var/tmp/scanmails2944/unpacked/1-mm.srh5Gj
Scanning file /var/tmp/scanmails2944/unpacked/CDCACHE.EXE
/var/tmp/scanmails2944/unpacked/CDCACHE.EXE
Found the W32/Magistr@MM virus !!!
Summary report on /var/tmp/scanmails2944/unpacked/*
File(s)
Total files: ........... 3
Clean: ................. 2
Possibly Infected: ..... 1
Thank you for choosing to evaluate VirusScan from Network Associates.
This version of the software is for Evaluation Purposes Only and may be
used for up to 30 days to determine if it meets your requirements. To
license the software, or to obtain assistance during the evaluation
process, please call (408) 988-3832. If you choose not to license the
software, you need to remove it from your system. All use of this
software is conditioned upon compliance with the license terms set forth
in the README.TXT file.
H+BEDV AntiVir scanstatus0 is: 0
Mcafee scanstatus1 is: 0
Dr. Solomon (old) scanstatus2 is: 0
Dr. Solomon (new) scanstatus3 is: 0
Sophos Sweep scanstatus4 is: 0
NAI Virus Scan 4.x scanstatus5 is: 13
KasperskyLab AVP scanstatus6 is: 0
KasperskyLab AVPDaemonClient scantatus7 is: 0
F-Secure Antivirus scanstatus8 is: 0
Trend Micro FileScanner scanstatus9 is: 0
CyberSoft vfind scanstatus10 is: 0
CAI InoculateIT (inocucmd) scanstatus11 is: 0
Virus FOUND Sent notification to virusalert
-----------------------------------------------------------------------
Liste üyeliğiniz ile ilgili her türlü işlem için
http://liste.linux.org.tr adresindeki web arayüzünü kullanabilirsiniz.
Listeden çıkmak için: 'linux-request@linux.org.tr' adresine,
"Konu" kısmında "unsubscribe" yazan bir e-posta gönderiniz.
-----------------------------------------------------------------------