Security Incidents mailing list archives
Re: New Virus / Trojan ?
From: Vincent Jaussaud <Vincent.Jaussaud () kelkoo net>
Date: Mon, 26 Jul 2004 23:38:53 +0200
I've seen this today too - up2date clamscan doesn't know about it yet. But I had more luck after I've manually forced another update on our Kaspersky scanner and it's detected as: mail:~/virii# /opt/kav/bin/kavscanner [cleared_filename].txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ .scr Kaspersky Anti-Virus On-Demand Scanner for Linux. Version 5.0.4.0/RELEASE build #3, compiled Jul 5 2004, 16:07:57 Copyright (C) Kaspersky Lab, 1997-2004. There are 94049 records loaded, the latest update 26-07-2004 Config file: /etc/kav/5.0/kav4unix.conf ~ .scr INFECTED I-Worm.Mydoom.m
http://www.virustotal.com show the following: Scan results File: britney.zip Date: 07/26/2004 21:30:27 ---- BitDefender 7.0/20040726 found nothing ClamWin devel-20040719/20040726 found nothing eTrustAV-Inoc 4641/20040725 found nothing F-Prot 3.15/20040726 found nothing Kaspersky 4.0.2.23/20040726 found [I-Worm.Mabutu.a] McAfee 4381/20040726 found nothing NOD32v2 1.822/20040726 found nothing Norman 5.70.10/20040726 found nothing Panda 7.02.00/20040726 found nothing Sybari 7.5.1314/20040726 found [I-Worm.Mabutu.a] Symantec 8.0/20040726 found nothing TrendMicro 7.000/20040726 found nothing I-Worm.Mabutu.a and Mydoom.M are the same ?
| We'll try to submit this to Symantec Virus analysists. | | If you need further infos, please let me know. | | Thanks in advance ! | Best Regards, | cheers, frank - -- 43rd Law of Computing: ~ Anything that can go wr fortune: Segmentation violation -- Core dumped -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBBVg39Atrv5KxwOwRArX9AJoDAJRvkGc2eentlwxqwXv9L3AVFwCaAmlT JsFHF4c6rwxmPq7hYqps9m4= =zX3o -----END PGP SIGNATURE-----
-- ################################################################# Kelkoo Security Manager / Networks & Systems Architect JID: portsentry () ims kelkoo net / GPG key 1024D/3BFE3FC7 2002-02-07 Office: +(33)04 7629 7163 / Mobile: +(33)06 806 409 62 ################################################################# "Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one." -- President Thomas Jefferson. 1743-1826
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- New Virus / Trojan ? Vincent Jaussaud (Jul 26)
- Re: New Virus / Trojan ? Vincent Jaussaud (Jul 26)
- Re: New Virus / Trojan ? Frank Reppin (Jul 26)
- Re: New Virus / Trojan ? Vincent Jaussaud (Jul 27)
- Re[2]: New Virus / Trojan ? Rafael Núñez (Jul 27)
- RE: New Virus / Trojan ? Byrne Ghavalas (Jul 27)
- <Possible follow-ups>
- Re: New Virus / Trojan ? Travis Howe (Jul 26)
- Re: New Virus / Trojan ? Michael Mucha (Jul 27)