D.J. Fan wrote:
I just received 3 emails with a subject of 'foto' or 'fotos' and a zip attachment named 'foto.zip' with 'calc.exe' and 'foto.htm' contained therein that passed through 3 different scanners undetected.
This is Trojan.Dropper.Small-11 added in ClamAV update 475 just in the last hour. I got a couple that slipped through just before the update, but they are being caught now. My other virus scanners still don't detect it.
James Lick >
It was Trojan.Dropper.Small-11 that Symantec calls Download.Ject.C
It was discovered August 28th, and it infected a computer on my network
on that day, but for some reason, no anti-virus vendor that I am aware of
put it in their pattern file until August 31st. It disables descktop anti-virus
programs. This allowed the same computer to get infected with a Beagle
virus. I have 4 scanners on our network, ClamAV, Panda, Symantec and Trend
Micro. It just goes to show you how easy it is for a blended threat to occur.
New rule: quarantine all zip attachments. (I do this on my main network but
have no control over a few machines that need to use a different email provider.)
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar � get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
