Security Incidents mailing list archives
Re: New Virus / Trojan ?
From: Frank Reppin <frank.reppin () boerde de>
Date: Mon, 26 Jul 2004 21:15:03 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vincent Jaussaud wrote: | Hi there; | | We just saw a malicious program coming into our network. | | As usual, it uses it's own SMTP engine to send itself. | | None of our anti-virus knows about it (NAV, ClamScan, File::Scan), and | since it's a zip file, it isn't blocked by our mail system. | | The zip file contains one file, named (without quotes): | [britney.jpg thingie] | If any of you already faced this one, please share any comments / idea | you may have. I've seen this today too - up2date clamscan doesn't know about it yet. But I had more luck after I've manually forced another update on our Kaspersky scanner and it's detected as: mail:~/virii# /opt/kav/bin/kavscanner [cleared_filename].txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ .scr Kaspersky Anti-Virus On-Demand Scanner for Linux. Version 5.0.4.0/RELEASE build #3, compiled Jul 5 2004, 16:07:57 Copyright (C) Kaspersky Lab, 1997-2004. There are 94049 records loaded, the latest update 26-07-2004 Config file: /etc/kav/5.0/kav4unix.conf ~ .scr INFECTED I-Worm.Mydoom.m | We'll try to submit this to Symantec Virus analysists. | | If you need further infos, please let me know. | | Thanks in advance ! | Best Regards, | cheers, frank - -- 43rd Law of Computing: ~ Anything that can go wr fortune: Segmentation violation -- Core dumped -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBBVg39Atrv5KxwOwRArX9AJoDAJRvkGc2eentlwxqwXv9L3AVFwCaAmlT JsFHF4c6rwxmPq7hYqps9m4= =zX3o -----END PGP SIGNATURE-----
Current thread:
- New Virus / Trojan ? Vincent Jaussaud (Jul 26)
- Re: New Virus / Trojan ? Vincent Jaussaud (Jul 26)
- Re: New Virus / Trojan ? Frank Reppin (Jul 26)
- Re: New Virus / Trojan ? Vincent Jaussaud (Jul 27)
- Re[2]: New Virus / Trojan ? Rafael Núñez (Jul 27)
- RE: New Virus / Trojan ? Byrne Ghavalas (Jul 27)
- <Possible follow-ups>
- Re: New Virus / Trojan ? Travis Howe (Jul 26)
- Re: New Virus / Trojan ? Michael Mucha (Jul 27)