New Trojan
Anthony Peacock
a.peacock at chime.ucl.ac.uk
Fri Jul 25 08:17:20 IST 2008
Hi,
dnsadmin 1bigthink.com wrote:
> At 02:33 PM 7/24/2008, you wrote:
>> Derek Buttineau wrote:
>>> On 2008-Jul-24, at 1:53 PM, Hugo van der Kooij wrote:
>>>
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> Scott Silva wrote:
>>>>
>>>> | I guess the blacklists have been helping me because I haven't seen
>>>> any.
>>>> | But it is early, and now that I said something I will be flooded.
>>>> ;-P
>>>>
>>>> If that helps to lay your hands on them I might want to claim I have
>>>> not
>>>> yet received a single one of them.
>>>>
>>>> Hugo.
>>> We're seeing a ton of them incoming now too, clamav is still not
>>> detecting them either :(
>>> Derek
>>
>>
>> What sig file are you running? Daily here is 7815
>> We are catching them, and have been since sometime yesterday afternoon
>> (GMT-7).
>>
>> Clam calls them as Trojan.Zbot-1711, Trojan.Zbot-1712
>>
>> Ken
>
> I'm still not catching them with clamscan, I've got 7815 here, too, but
> running ClamAV 0.92.1 and suspect that is why.
>
> Thinking very seriously about upgrade today.
Clamav is still not catching the ones that claim to be from "Customs"
here, and I am running the latest version with the latest sigs. Clam is
catching the 'Tax_invoice' variant though.
--
Anthony Peacock
CHIME, Royal Free & University College Medical School
WWW: http://www.chime.ucl.ac.uk/~rmhiajp/
Study Health Informatics - Modular Postgraduate Degree
http://www.chime.ucl.ac.uk/study-health-informatics/
More information about the MailScanner
mailing list