Heads UP: Suspicious file not detected by most virusscanners.
Stijn Jonker
SJCJonker at SJC.NL
Fri Jun 3 07:13:23 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Oeps forgot to mention, it's detected on the extension and the
heuristics checks.
Stijn Jonker said the following on 03/06/2005 08:11:
> Hello all,
>
> I just received 2 copies of an mail containing a text that Osama Bin
> Laden was captured, with an attachment of pics.zip (900 bytes).
>
> Virustotal.com didn't report anything really usefull back, will be doing
> my rounds through the submissions sites of mcafee,norman, symantec and
> clamav.
>
> Output of virustotal.com:
> Antivirus Version Update Result
> AntiVir 6.30.0.15 06.02.2005 Heuristic/Trojan.Downloader
> AVG 718 06.02.2005 no virus found
> Avira 6.30.0.15 06.02.2005 Heuristic/Trojan.Downloader
> BitDefender 7.0 06.02.2005 BehavesLike:Trojan.Downloader
> ClamAV devel-20050501 06.02.2005 Trojan.Downloader.Small-561
> DrWeb 4.32b 06.02.2005 no virus found
> eTrust-Iris 7.1.194.0 06.02.2005 no virus found
> eTrust-Vet 11.9.1.0 06.02.2005 no virus found
> Fortinet 2.27.0.0 06.03.2005 W32/Gifget.A-tr
> Ikarus 2.32 06.03.2005 no virus found
> Kaspersky 4.0.2.24 06.03.2005 Trojan-Downloader.Win32.Small.axr
> McAfee 4505 06.02.2005 no virus found
> NOD32v2 1.1124 06.02.2005 probably unknown NewHeur_PE virus
> Norman 5.70.10 06.03.2005 W32/Downloader
> Panda 8.02.00 06.02.2005 no virus found
> Sybari 7.5.1314 06.03.2005 W32/Downloade
> Symantec 8.0 06.02.2005 no virus found
> VBA32 3.10.3 06.02.2005 no virus found
>
>
--
Met Vriendelijke groet/Yours Sincerely
Stijn Jonker <SJCJonker at sjc.nl>
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list