From owner-freebsd-security  Tue Oct 30  9: 1:21 2001
Delivered-To: freebsd-security@freebsd.org
Received: from cheer.mahoroba.org (flets-f0022.kamome.or.jp [211.8.127.22])
	by hub.freebsd.org (Postfix) with ESMTP id 6323E37B401
	for <freebsd-security@freebsd.org>; Tue, 30 Oct 2001 09:01:17 -0800 (PST)
Received: (from root@localhost)
	by cheer.mahoroba.org (8.12.1/8.12.1) id f9UH1FjD042235;
	Wed, 31 Oct 2001 02:01:15 +0900 (JST)
	(envelope-from ume@mahoroba.org)
Received: from peace.mahoroba.org (IDENT:25VJGuguTHOiWmt3Z26KkUm3kPYehVKEUGxmZOtu6McEwdKj2a9K/CnxKjuG7YGb@peace.mahoroba.org [IPv6:3ffe:505:2:0:200:f8ff:fe05:3eae])
	(user=ume mech=CRAM-MD5 bits=0)
	by cheer.mahoroba.org (8.12.1/8.12.1/av) with ESMTP/inet6 id f9UH1BGR045142;
	Wed, 31 Oct 2001 02:01:14 +0900 (JST)
	(envelope-from ume@mahoroba.org)
Date: Wed, 31 Oct 2001 02:01:07 +0900 (JST)
Message-Id: <20011031.020107.74732121.ume@mahoroba.org>
To: mike@sentex.net
Cc: freebsd-security@freebsd.org
Subject: Re: probable virus
From: Hajimu UMEMOTO <ume@mahoroba.org>
In-Reply-To: <5.1.0.14.0.20011030115023.03544ec0@marble.sentex.ca>
References: <20011030165053.8CFBA37B405@hub.freebsd.org>
	<5.1.0.14.0.20011030115023.03544ec0@marble.sentex.ca>
X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc
X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91  05 D0 B3 EF 36 9B 6A BC
X-URL: http://www.imasy.org/~ume/
X-Operating-System: FreeBSD 5.0-CURRENT
X-Mailer: xcite1.38> Mew version 2.1rc2 on Emacs 21.1 / Mule 5.0
 =?iso-2022-jp?B?KBskQjgtTFobKEIp?=
X-Weather: =?iso-2022-jp?B?GyRCOiNGfCROP0BGYEBuOCkkT0ZeOGVAMiRHJDkbKEI=?=
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by AMaViS perl-11
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

>>>>> On Tue, 30 Oct 2001 11:51:34 -0500
>>>>> Mike Tancsa <mike@sentex.net> said:


mike> This looks virusish... Anyone know which one it is ?  The current nai dat 
mike> file does not seem to catch it.

Sophos caught it.
Here is the output of the scanner:

>>> Virus 'W32/Klez' found in file /var/log/amavis/amavis-12567923/parts/msg-16493-2.exe

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message