[ILUG] Can u help me please

mohammed Waheed waheed at ditlabs.com
Thu Sep 28 08:05:38 IST 2006 

Hi  im facing problem with worm.somefoolp viruses pls can u help me how to
clear that pls 

 

 

wo viruses (Exploit.HTML.IFrame, Worm.SomeFool.P) were found.

 

A banned name (message.scr) was found.

 

Scanner detecting a virus: Clam Antivirus - clamscan

 

The mail originated from: <20glen at glenclack.com>

 

According to the 'Received:' trace, the message originated at:

   ditnet.co.ae (ner-b15552.alshamil.net.ae [83.110.145.218])          

 

The message WAS NOT delivered to:

<bmenon at dit.net>:

   550 5.7.1 Message content rejected, id=13512-06 - VIRUS:
Exploit.HTML.IFrame, Worm.SomeFool.P

 

Virus scanner output:

   LibClamAV Warning:
********************************************************

   LibClamAV Warning: ***  This version of the ClamAV engine is outdated.
***

   LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html
***

   LibClamAV Warning:
********************************************************

   LibClamAV Warning:
********************************************************

   LibClamAV Warning: ***  This version of the ClamAV engine is outdated.
***

   LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html
***

   LibClamAV Warning:
********************************************************

   /var/amavis/tmp/amavis-20060928T091113-13512/parts/part-00001: Empty file

   /var/amavis/tmp/amavis-20060928T091113-13512/parts/part-00002:
Exploit.HTML.IFrame FOUND

   /var/amavis/tmp/amavis-20060928T091113-13512/parts/part-00003:
Worm.SomeFool.P FOUND

 

The message has been quarantined as:

   /var/virusmails/virus-20060928-091914-13512-06

 

------------------------- BEGIN HEADERS -----------------------------

Return-Path: <20glen at glenclack.com>

Received: from ditnet.co.ae (ner-b15552.alshamil.net.ae [83.110.145.218])

            by mail.dit.net (Postfix) with ESMTP id 112535EE27

            for <bmenon at ditnet.co.ae>; Thu, 28 Sep 2006 09:18:36 +0400 (GST)

From: 20glen at glenclack.com

To: bmenon at ditnet.co.ae

Subject: Mail Delivery (failure bmenon at ditnet.co.ae)

Date: Fri, 2 Jan 2004 22:57:19 +0400

MIME-Version: 1.0

Content-Type: multipart/related;

            type="multipart/alternative";

            boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"

X-Priority: 3

X-MSMail-Priority: Normal

Message-Id: <20060928051836.112535EE27 at mail.dit.net>

-------------------------- END HEADERS ------------------------------

More information about the ILUG mailing list