[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- To: "'Duncan Hill'" <dhill+fulldisc@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Tue, 27 Jul 2004 11:27:33 -0500
We have a corporate anti-virus system (AV company based out of Europe) that
I have access too and it is update to date. We normally see viruses before
IDEs are out and are used to handling them in that manner. Most of the time
we hold these unknown files until they are detectable. This file was sent to
the AV vendor before I got my copy and I am the only person in the company
that got this e-mail.
I was the only person to receive this e-mail. To put this in content - we
received about hundred MyDoom-O viruses yesterday.
My job function doesn't allow me the time to look into the code and what it
does as much as I would like. I haven't tried another AV product, but I do
understand that multiple scanners if the best way for detection.
-Todd
-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Duncan Hill
Sent: Tuesday, July 27, 2004 10:17 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [ok] [Full-Disclosure] Possible Virus/Trojan
On Tuesday 27 July 2004 14:28, Todd Towles might have typed:
> Hey guys,
>
> I was able to finally get the file out of Outlook via add-on. The add-on
> moves file types from Level 1 to Level 2. Anyways, it wasn't detected as a
> virus and it is only 35 KBs in size. Kinda small.
35K is large enough to contain a virus that propagates via an internal SMTP
engine and do other fun things like search google etc.
How up to date is your virus scanner? Have you tried more than one virus
scanner?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html