deny cabinet files? It was a virus!
Jeff A. Earickson
jaearick at COLBY.EDU
Fri Jul 8 15:04:26 IST 2005
I just got a response from the Clam team, my suspicious cab file
is a worm:
Submission: 64289
Sender: Andreas Grip
Added: Worm.Kebede.G-cab
Added: Worm.Kebede.G
Virus name alias: Email-Worm.Win32.Kebede.g (Kaspersky AVP),
Virus name alias: BACKDOOR.Trojan (Drweb), Win32.Worm.Kebede.G
Virus name alias: (Bitdefender)
Submission: 64309
Sender: Jeff Earickson
Submission notes: Same as 64289.
Just updated my Clam files and ran the file thru my virus.scan
script, now it says:
=== Checking content.cab with ClamAV clamscan
Scanning content.cab
content.cab: Worm.Kebede.G-cab FOUND
So I wasn't just paranoid, I was right! :)
(Still waiting for the Sophos update...)
Jeff Earickson
Colby College
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list