Skip navigation.
Home

Got an email-spammed virus.

|

MD5SUM: 4988ef8f16b40fc96f0bbe410df30702
SHA1SUM: 7ba788949036e30ca3ed346c88abe33585760c7d
SHA256SUM: 95bbde188afcce0fbb8060cb97e6a5433422f0adca65fb513f47217f50125961

The text of the message was:
>Mail server report.
>
>Our firewall determined the e-mails containing worm copies are being sent
>from your computer.
>
>Nowadays it happens from many computers, because this is a new virus type
>(Network Worms).
>
>
>Using the new bug in the Windows, these viruses infect the computer
>unnoticeably.
>After the penetrating into the computer the virus harvests all the e-mail
>addresses and sends the copies of itself to these e-mail
>addresses
>
>Please install updates for worm elimination and your computer restoring.
>
>Best regards,
>Customers support service

And the file name was Update-KB9676-x86.exe

ClamAV, our incoming scanner didn't detect it.

-- Pi

ClamAV didn't detect it -

ClamAV didn't detect it - thats odd!

I scanned it through Jotti and ClamAv picked it up as: Worm.Stration.AL-1

Odd. The Clam on OC didn't

Odd. The Clam on OC didn't see anything, nor did our milter.

ill make sure

we have updated signatures.

V.