Full Disclosure mailing list archives
Re: Automat? Was (Re: new virus: )
From: disclosure () exotope com
Date: Fri, 19 Sep 2003 12:43:49 -0400 (EDT)
Following up my own post:
--------------------------------------------------------------
There is no virus known to us by this name. However, Norton Anti-Virus
uses names like W97M.Automat. to name viruses which have been detected
automatically.
VARIANT: Automat.K
--------------------------------------------------------------
So it looks new.
...Eric
On Fri, 19 Sep 2003 disclosure () exotope com wrote:
Check out Usenet or Google groups, lots of autospam postings about this to news.admin.net-abuse.sightings. One says: hqbkyk.exe was infected with the malicious virus Worm.Automat.AHB and has been deleted because the file cannot be cleaned. ...Eric On Fri, 19 Sep 2003, Ron Clark wrote:---------- Forwarded message ---------- Date: Fri, 19 Sep 2003 18:22:00 +0300 From: Eero Volotinen <security () jlug org> To: Ron Clark <ron () pi-mail Armstrong EDU> Subject: Re: [Full-disclosure] new virus: Yes, it's swan virus. -- Eero If you meant swen, this doesn't look like swen. Nothing mentioning micro$oft The test of the email is :Hi. I'm sorry to have to inform you that I wasn't able to deliver your message to the following addresses: Undelivered message to rlfblncx () bigfoot netwith an audio attachment ----- Original Message ----- From: "Ron Clark" <ron () pi-mail Armstrong EDU> To: <full-disclosure () netsys com> Sent: Friday, September 19, 2003 5:38 PM Subject: [Full-disclosure] new virus:Has anyone seen an email going around with subject bug message containing a supposed audio attachment that is really an exe named ckcwr.exe. Is this a possible new virus? I have recieved numerous cpoies of this email since last night. Ron Clark System Administrator Armstrong Atlantic State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: new virus: (fwd) Ron Clark (Sep 19)
- <Possible follow-ups>
- Re: new virus: (fwd) Ron Clark (Sep 19)
- Automat? Was (Re: new virus: ) disclosure (Sep 19)
- Re: Automat? Was (Re: new virus: ) disclosure (Sep 19)
- Re: Automat? Was (Re: new virus: ) B.K. DeLong (Sep 19)
- Re: Automat? Was (Re: new virus: ) Nick FitzGerald (Sep 20)
- Automat? Was (Re: new virus: ) disclosure (Sep 19)
- Re: new virus: (fwd) Exibar (Sep 19)
- Re: new virus: (fwd) morning_wood (Sep 20)
- SV: new virus: (fwd) Peter Kruse (Sep 20)
- RE: new virus: (fwd) Steve Wray (Sep 20)
- Re: SV: new virus: (fwd) Rocco Stanzione (Sep 20)
- Re: new virus: (fwd) Paul Schmehl (Sep 20)