Ciao Mike > > I've been contacted by a couple of customers which caught a new virus in > > the last few days, sent by e-mail in > > a .zip file containing an .exe. (yes, there are still people out there who > > open these kind of attachments if they > > come from a known address) > > Has anybody else seen this? Is there a name or details or cure fo it yet?
I've seen multiple of these, the first one had "Re: Quote" as Subject, the other one "My photo". Guess which one was opened more *g* When I checked them, VirusTotal only knew about them for a few minutes, and just 3 or so AV recognized them. One of the names given was "Packer.W32.Krap" (the Quote thing), the "my photo" went "Win32.Trojan.Inject.Auto". I'd assume these viruses are now part of official signatures, but if it helps, I've appended the two custom signatures I created for clamav. I've recently seen quite a few 0-day virus outbreaks, where classic signature based AV engines are bound to take a while to pick up on them. It helps if you check with multiple products, but you can't really get recognition up to 100%, that's just not feasible. Cheers, Markus
customsig.ndb
Description: Binary data
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
