Date: Tue, 30 Oct 2001 12:02:22 -0500 From: Mike Tancsa <mike@sentex.net> To: Hajimu UMEMOTO <ume@mahoroba.org> Cc: freebsd-security@freebsd.org Subject: Re: probable virus Message-ID: <5.1.0.14.0.20011030115848.0350bec0@marble.sentex.ca> In-Reply-To: <20011031.020107.74732121.ume@mahoroba.org> References: <5.1.0.14.0.20011030115023.03544ec0@marble.sentex.ca> <20011030165053.8CFBA37B405@hub.freebsd.org> <5.1.0.14.0.20011030115023.03544ec0@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks! I had a look at NAI's site and it seems they know about it and its in their daily dat file updates. Has anyone used this in conjunction with the FreeBSD scanner ? We have been using the weekly updates only in the past. Apart from the UPPERCASE only names inside the .zip file, at http://download.nai.com/products/mcafee-avert/daily_dats/DAILYDAT.ZIP ---Mike At 02:01 AM 10/31/01 +0900, Hajimu UMEMOTO wrote: > >>>>> On Tue, 30 Oct 2001 11:51:34 -0500 > >>>>> Mike Tancsa <mike@sentex.net> said: > > >mike> This looks virusish... Anyone know which one it is ? The current >nai dat >mike> file does not seem to catch it. > >Sophos caught it. >Here is the output of the scanner: > > >>> Virus 'W32/Klez' found in file > /var/log/amavis/amavis-12567923/parts/msg-16493-2.exe > >-- >Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan >ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org >http://www.imasy.org/~ume/ > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20011030115848.0350bec0>