Heads UP: Suspicious file not detected by most virusscanners.
Hywel Burris
hywel.burris at COMTEC-EUROPE.CO.UK
Fri Jun 3 12:20:50 IST 2005
> -----Original Message-----
> From: Stijn Jonker [mailto:SJCJonker at SJC.NL]
> Sent: 03 June 2005 07:11
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Heads UP: Suspicious file not detected by most virusscanners.
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello all,
>
> I just received 2 copies of an mail containing a text that
> Osama Bin Laden was captured, with an attachment of pics.zip
> (900 bytes).
>
> Virustotal.com didn't report anything really usefull back,
> will be doing my rounds through the submissions sites of
> mcafee,norman, symantec and clamav.
>
> Output of virustotal.com:
> Antivirus Version Update Result
> AntiVir 6.30.0.15 06.02.2005
> Heuristic/Trojan.Downloader
> AVG 718 06.02.2005 no virus found
> Avira 6.30.0.15 06.02.2005 Heuristic/Trojan.Downloader
> BitDefender 7.0 06.02.2005 BehavesLike:Trojan.Downloader
> ClamAV devel-20050501 06.02.2005
> Trojan.Downloader.Small-561
> DrWeb 4.32b 06.02.2005 no virus found
> eTrust-Iris 7.1.194.0 06.02.2005 no virus found
> eTrust-Vet 11.9.1.0 06.02.2005 no virus found
> Fortinet 2.27.0.0 06.03.2005 W32/Gifget.A-tr
> Ikarus 2.32 06.03.2005 no virus found
> Kaspersky 4.0.2.24 06.03.2005
> Trojan-Downloader.Win32.Small.axr
> McAfee 4505 06.02.2005 no virus found
> NOD32v2 1.1124 06.02.2005 probably unknown
> NewHeur_PE virus
> Norman 5.70.10 06.03.2005 W32/Downloader
> Panda 8.02.00 06.02.2005 no virus found
> Sybari 7.5.1314 06.03.2005 W32/Downloade
> Symantec 8.0 06.02.2005 no virus found
> VBA32 3.10.3 06.02.2005 no virus found
I had F-Prot pick this up first along with trusty old
MailScanner..Bitdefender would have as it picked it up as suspicious but
MailScanner allowed it through where do I change this behaviour? I had a
look in bitdefender-wrapper but couldn't see any config there.
Thanks
************************************************************************
This e-mail and any attachments are strictly confidential and intended solely for the addressee. They may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, you must not copy the e-mail or the attachments, or use them for any purpose or disclose their contents to any other person. To do so may be unlawful. If you have received this transmission in error, please notify us as soon as possible and delete the message and attachments from all places in your computer where they are stored.
Although we have scanned this e-mail and any attachments for viruses, it is your responsibility to ensure that they are actually virus free.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list