Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] k3b
  • From: suse@xxxxxx
  • Date: Mon, 8 Mar 2004 11:59:20 -0500
  • Message-id: <20040308115920.voogtgkk8owokk0k@xxxxxx>
Quoting Murat Akca <murat.akca@xxxxxxxxxxx>:
>
> I think I found the problem,all virus files are copied to the "share" folders
> as you said.One of the folder is
>
> /home/onder/.kde/share/apps/k3b/eminem - lick my pussy.mp3.pif
> /home/onder/.kde/share/apps/k3b/temp/dummydir/eminem - lick my pussy.mp3.pif
> /home/onder/.kde/share/apps/k3b/temp/eminem - lick my pussy.mp3.pif
>
> So when burning a cd these files are automatically writed to the cd?
>
> I think I need to remove all these files?Is there any other ideas?
>

First off, if I recall correctly, k3b is a ui wrapper. If something on your
machine is infected, it's probably the actual program writing to the CD that's
hit. However, in this case, the problem is likely in the interaction between
k3b and cdrecord. Those .pif files are in places they shouldn't be, so they're
being passed to cdrecord erroneously.

Secondly, for the love of all that is holy: FIX YOUR WINDOWS MACHINE!!!

The nasty piece of malware is most likely Netsky.B:
http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky@xxxxxxx

< Previous Next >