North American Network Operators Group

[Fwd: FOUND VIRUS IN MAIL from <[email protected]>]

  • From: Larry Rosenman
  • Date: Tue Jun 18 00:05:23 2002

Fair Warning....



-----Forwarded Message-----

From: [email protected]
To: [email protected]
Subject: FOUND VIRUS IN MAIL from <[email protected]>
Date: 17 Jun 2002 22:48:16 -0500

A virus was found in an email from:

<[email protected]>

The message was addressed to: 

-> <[email protected]>

The message has been quarantined as:

/var/virusmails/virus-20020617-224816-21028

Here is the output of the scanner:

Scanning /var/amavis/amavis-milter-4Oa4l925/parts/*
Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-1.txt
Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-2.html
Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-3.exe
/var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-3.exe
        Found the DDoS-Slack trojan !!!

Summary report on /var/amavis/amavis-milter-4Oa4l925/parts/*
File(s)
        Total files: ...........       3
        Clean: .................       2
        Possibly Infected: .....       1

Here are the headers:

------------------------- BEGIN HEADERS -----------------------------
Received: by trapdoor.merit.edu (Postfix)
	id 0FA7F9124E; Mon, 17 Jun 2002 23:46:02 -0400 (EDT)
Delivered-To: [email protected]
Received: by trapdoor.merit.edu (Postfix, from userid 56)
	id B621F9124F; Mon, 17 Jun 2002 23:46:01 -0400 (EDT)
Delivered-To: [email protected]
Received: from segue.merit.edu (segue.merit.edu [198.108.1.41])
	by trapdoor.merit.edu (Postfix) with ESMTP id A61099124E
	for <[email protected]>; Mon, 17 Jun 2002 23:45:58 -0400 (EDT)
Received: by segue.merit.edu (Postfix)
	id 8CCEA5DE57; Mon, 17 Jun 2002 23:45:58 -0400 (EDT)
Delivered-To: [email protected]
Received: from web21109.mail.yahoo.com (web21109.mail.yahoo.com [216.136.227.111])
	by segue.merit.edu (Postfix) with SMTP id D92105DE52
	for <[email protected]>; Mon, 17 Jun 2002 23:45:57 -0400 (EDT)
Message-ID: <[email protected]>
Received: from [68.36.89.121] by web21109.mail.yahoo.com via HTTP; Mon, 17 Jun 2002 20:45:56 PDT
Date: Mon, 17 Jun 2002 20:45:56 -0700 (PDT)
From: jim bruer <[email protected]>
Subject: ConfigMaker Beta 
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-340633384-1024371956=:50295"
Sender: [email protected]
Precedence: bulk
Errors-To: [email protected]
X-Loop: nanog
-------------------------- END HEADERS ------------------------------
-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 972-414-9812                 E-Mail: l[email protected]
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749