[dba-Tech] New trouble - zip virus?

Shamil Salakhetdinov shamil at users.mns.ru
Mon Jun 6 02:09:52 CDT 2005 

Yes, Jim,

This is Mytob:

Scan type:  Manual Scan
Event:  Virus Found!
Virus name: W32.Mytob.DF at mm
File:  F:\Viruses\instructions.zip>>instruct...
Location:  Quarantine
Computer:  ****
User:  ****
Action taken:  Clean failed : Quarantine succeeded :
Date found: Mon Jun 06 11:06:13 2005

NAV has new update now, which recognizes this virus.

Thank you,
Shamil

----- Original Message ----- 
From: "JMoss" <jim.moss at jlmoss.net>
To: "'Discussion of Hardware and Software issues'"
<dba-tech at databaseadvisors.com>
Sent: Saturday, June 04, 2005 11:29 AM
Subject: RE: [dba-Tech] New trouble - zip virus?


> Shamil,
>
> It's the worm, MYTOB or a variant, and Trend released their first
definition
> on May 30. See the definition from Trend Micro at
>
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYTOB.B
> M
> You can probably clean it using Trend's free tool at
> http://housecall.trendmicro.com/
>
> Jim
>
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com
> [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Shamil
> Salakhetdinov
> Sent: Saturday, June 04, 2005 1:51 AM
> To: !dba-Tech
> Subject: [dba-Tech] New trouble - zip virus?
>
> Hi All,
>
> Now I've got something suspicious like a virus attachment but my NAV
doesn't
> recognize it as a virus - here is its e-mail header:
>
> >From service at smsconsulting.spb.ru  Sat Jun  4 01:20:42 2005
> Received: from smsconsulting.spb.ru ([67.151.53.66])
>   by batman.mns.ru with esmtp; Sat, 04 Jun 2005 01:20:39 +0400
>   id 000149A4.42A0C9A7.000044CA
> From: service at smsconsulting.spb.ru
> To: shamil at smsconsulting.spb.ru
> Subject: *WARNING* Your Email Account Will Be Closed
> Date: Fri, 3 Jun 2005 14:17:50 -0700
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
>  boundary="----=_NextPart_000_0009_D44961E9.957809EC"
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Spam-Status: Yes, hits=8.3 tagged_above=3.0 required=8.0 tests=BAYES_80,
> MISSING_MIMEOLE, NO_REAL_NAME, PRIORITY_NO_NAME, UPPERCASE_25_50
> X-Spam-Level: ********
> X-Spam-Flag: YES
>
> WHOIS search didn't give any information on IP address: 67.151.53.66 I
used
> this search Web site: http://www.ripe.net/whois
>
> Could you please advise what's the best way to track the source of this
> suspicious message?
>
> Thank you,
> Shamil
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
>
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com

More information about the dba-Tech mailing list