Thursday, June 05, 2008

[Nepenthes] GOT CHA!

Living in protected LAN.. I thought I am pretty safe.. not so! I rarely checked my nepenthes /var/lib until today.. after I upgraded my Ubuntu Gutsy to Hordy... wooow...

root@nuvox:/var/lib/nepenthes/binaries# ls -l
total 192
-rw-r--r-- 1 nepenthes nepenthes 51664 2008-06-04 14:03 3d39a29913a2fe54009d491b89b01ab4
-rw-r--r-- 1 nepenthes nepenthes 41936 2008-06-03 11:04 8e072862754ef6e80831d2fd50376b43
-rw-r--r-- 1 nepenthes nepenthes 41928 2008-06-02 16:38 ba106399aad8b515319f52fac4794a73
-rw-r--r-- 1 nepenthes nepenthes 51664 2008-06-02 16:00 c2f699282a7a16ecf554cfbaa2724204



Lemme check...!

Doesn't seems that it is clean as expected

root@nuvox:/var/lib/nepenthes/binaries# clamscan *
3d39a29913a2fe54009d491b89b01ab4: W32.Virut.ca FOUND
8e072862754ef6e80831d2fd50376b43: Trojan.DsBot-15 FOUND
ba106399aad8b515319f52fac4794a73: OK
c2f699282a7a16ecf554cfbaa2724204: W32.Virut.ci FOUND

----------- SCAN SUMMARY -----------
Known viruses: 306262
Engine version: 0.92.1
Scanned directories: 0
Scanned files: 4
Infected files: 3
Data scanned: 0.17 MB
Time: 9.410 sec (0 m 9 s)

No comments: