Modify.bat (Alleged Virus)

romans, mark romans at starstream.net
Fri Oct 12 03:49:12 GMT 2001 

This message is an automatically generated reply.  This system is designed
to analyze and process virus submissions into the Symantec AntiVirus
Research Center (SARC) and cannot accept correspondence or inquiries.
Please contact your Technical Support representative if more detailed
information about your submission is required.  Do not reply to this
message.

Below is a status update on your virus submission:

Date: Thu Oct 11 20:20:09 PDT 2001
Mark Romans

Dear Mark Romans
We have analyzed your submission.  The following is a report of our
findings for each file you have submitted:

filename: E:\DL\modify.bat
machine:
result: does not appear to contain malicious code

Our automated system has performed an extensive analysis on the file(s)
that you have submitted and found no evidence of malicious code. If you
have additional evidence to suggest that a malicious program still resides
in the file that was submitted to us, please contact Symantec Technical
Support for assistance.


Developer notes:
E:\DL\modify.bat does not appear to contain malicious code.


Should you have any questions about your submission, please contact
technical support at the appropriate number listed below and give them
the tracking number in the subject of this message.

-----------------------------------------------------------------------
This message was generated by SARC automation.

For USA:
For electronic support options, Symantec provides On-Line Services at
http://www.symantec.com/techsupp.
Knowledge Base, FAQ's, Support Genie, and Ask a Tech are all free
services. "Chat Now!" does have charges associated with the service. Virus
information and definitions are available at
http://www.symantec.com/avcenter/index.html.

Symantec worldwide technical support numbers
--------------------------------------------
UK            (+44)  0171 616 5813
FRANCE        (+33)  1 64 53 80 63
GERMANY       (+49)  069 6641 0353
HOLLAND       (+31)  071 408 3952
SOUTH AFRICA  (+27)  11784 9856
SWEDEN        (+46)  8 735 5024
ITALY         (+39)  0 542 28062
SWITZERLAND   (+41)  12 12 1847
BELGIUM       (+32)  27 131 701
NORWAY        (+47)  23 05 33 30
DENMARK       (+45)  35 44 57 20
SPAIN         (+34)  9 1662 5255
AUSTRIA       (+43)  150 137 5023
AUSTRALIA     (+61)  2 8879 1000
HONG KONG     (+852) 2528 6206
KOREA         (+82)  2 3420 8650
MALAYSIA      (+60)  3 704 9273
NEW ZEALAND          0800 442 795
SINGAPORE     (+65)  239 2099
TAIWAN        (+886) 2 2739 6068

----- Original Message -----
From: "Programmer" <nwester at eidnet.org>
To: <diy_efi at diy-efi.org>
Sent: Thursday, October 11, 2001 3:09 PM
Subject: Re: strange message


> I got this apology from Dale...I emailed him directly and
> he's very sorry.
>
> >>It is a new virus W32/Magistr Vandal. I got it
> but my virus scanner didn't catch it. I'm
> getting that fixed this afternoon. Don't run
> the executables attached!!!<<
>
> Lyndon.
>
>
>
> ----- Original Message -----
> From: "Franc Buxton" <fab at dcs.warwick.ac.uk>
> To: <diy_efi at diy-efi.org>
> Sent: Thursday, October 11, 2001 5:07 AM
> Subject: Re: strange message
>
>
> > William Howell wrote:
> > >
> > > Did anyone get a message like this?
> > >
> > > Begin message -------------------
> > >
> > > I assume no responsibility for any damages caused
> > >
> > >           as a result of using this package.
> > >
> > >           The Future
> > >
> > >           The  SIM68  simulator  package  will continue to grow and
> evolve,
> > >
> > >           gaining the  ability   to  emulate  more  of  the  true
> internal
> > >
> > >           functions  of  the Motorola 68HC11 mirco-controller.
> > >
> > > End message ----------------------
> > >
> > > I have no idea who sent it.  It's from a Dale Ulan at
> dulan at telusplanet.net.
> > >
> > > It has an attachment: modify.bat.
> > >
> >
> > I got it too. I looked at the attachment on my Linux box. It's not
> > a DOS batch file, it's a program of some sort, probably a virus or
trojan.
> > Throw it away. It probably has nothing to do with the advertised sender,
> > either.
> >
> > Regards,
> > Franc.
> > --
> >       W------W       fab at dcs.warwick.ac.uk
> >     WW---  ---WW
> >    W(-(+)^^(+)-)W    fab at StunnedBuffalo.com
> >    (|     L    |)
> >     \   /WW\   /     http://www.StunnedBuffalo.com
> >       X\____/X
> >        XXXXXX        tel.: +44 (0)705 060 4322
> >         XXXX         Non sum libertus, sed numerus.
>
> --------------------------------------------------------------------------
> --
> > To unsubscribe from diy_efi, send "unsubscribe diy_efi" (without the
> quotes)
> > in the body of a message (not the subject) to
majordomo at lists.diy-efi.org
> >
> >
>
> --------------------------------------------------------------------------
--
> To unsubscribe from diy_efi, send "unsubscribe diy_efi" (without the
quotes)
> in the body of a message (not the subject) to majordomo at lists.diy-efi.org
>
>

----------------------------------------------------------------------------
To unsubscribe from diy_efi, send "unsubscribe diy_efi" (without the quotes)
in the body of a message (not the subject) to majordomo at lists.diy-efi.org

More information about the Diy_efi mailing list