Hmmmm
in [Anti-Virus]
|
Prev: Strange firewall alert - trojan?
Next: adober.exe
From: Duh_OZ on 6 Dec 2006 12:46 Got a standard "message cannot be delievered" in my inbox along with an attachment, so it was off to see if I had a backdoored malware awaiting me. The reason for the bounce back: Reason: LMTP transmission failure has occurred Diagnostic code: smtp;522 5.2.0 Delivery failed: Over quota As to the attachment: ++++ Attachment: No Virus found ++++ Norton AntiVirus - www.symantec.de Bzzzzzz - wrong. Standard Netsky variant - 100% catch rate from virustotal. Either Norton really goofed or the client hasn't updated the virus def's for the last few years LOL. Snip from virustotal: AntiVir 7.2.0.49 12.06.2006 Worm/NetSky.P Authentium 4.93.8 12.05.2006 W32/Netsky.P(a)mm Avast 4.7.892.0 12.06.2006 Win32:Netsky-AF AVG 386 12.06.2006 I-Worm/Netsky.Q
From: Gabriela Salvisberg on 6 Dec 2006 17:57 Am Wed, 06 Dec 2006 09:46:51 -0800 schrieb Duh_OZ: [Got fake bounce message] > As to the attachment: > ++++ Attachment: No Virus found > ++++ Norton AntiVirus - www.symantec.de > > Bzzzzzz - wrong. Standard Netsky variant - 100% catch rate from > virustotal. > > Either Norton really goofed or the client hasn't updated the virus > def's for the last few years LOL. I don't think so. Netsky itself puts that fake AV signature into its fake bounce messages. See for example this Kaspersky description and scroll down to "Message body": http://www.viruslist.com/en/viruses/encyclopedia?virusid=64413 There it says: "+++ Attachment: No Virus found +++ MC-Afee AntiVirus - www.mcafee.com" That's one or better *the* reason why any "No virus found" signature being put into e-mails by several AV apps are completeley useless. Gabriela
From: Duh_OZ on 6 Dec 2006 18:45 Gabriela Salvisberg wrote: > Am Wed, 06 Dec 2006 09:46:51 -0800 schrieb Duh_OZ: > > [Got fake bounce message] > > As to the attachment: > > ++++ Attachment: No Virus found > > ++++ Norton AntiVirus - www.symantec.de > > > > Bzzzzzz - wrong. Standard Netsky variant - 100% catch rate from > > virustotal. > > > > Either Norton really goofed or the client hasn't updated the virus > > def's for the last few years LOL. > > I don't think so. Netsky itself puts that fake AV signature into its fake > bounce messages. See for example this Kaspersky description and scroll > down to "Message body": > http://www.viruslist.com/en/viruses/encyclopedia?virusid=64413 > > There it says: > "+++ Attachment: No Virus found > +++ MC-Afee AntiVirus - www.mcafee.com" > > That's one or better *the* reason why any "No virus found" signature > being put into e-mails by several AV apps are completeley useless. > > Gabriela =========== I'll be darned - first time I recieved one of those. Thanx for the explanation.
From: Potblak on 7 Dec 2006 15:37 "Duh_OZ" <ozzy.kopec(a)gmail.com> wrote in message news:1165448718.545356.115210(a)j44g2000cwa.googlegroups.com... > I'll be darned - first time I recieved one of those. > It certainly won't be the last if you don't hurry up and munge your email address!
|
Pages: 1 Prev: Strange firewall alert - trojan? Next: adober.exe |