RE: [Declude.Virus] New Virus (.exe) in a zip attachment?
We are seeing them come in. The common static denominators are: 1. Subject line UPS Tracking Number 2. Body contains Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient's address is not correct. Please print out the invoice copy attached and collect the package at our office Your UPS Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Armbrecht Sent: Monday, July 21, 2008 4:23 PM To: declude.virus@declude.com Subject: [Declude.Virus] New Virus (.exe) in a zip attachment? We juat saw a new apparent virus/phishing threat come across trying to imposter as a failed UPS delivery notice. The file attached was called UPS_INVOICE_978172.zip and included a .exe file within. Is their anyway to catch these in the BanFile area of Declude? We do allow banned files within a zip in our current config. It would have to be set up as a wild card I imagine (assuming the numbers in the file name would change). We've only seen one of these so far, so do not have anything else to compare to to see if name is changing or not. --- Randy A. Technical Support Director Global Web Solutions, Inc. 804-442-5300 http://globalweb.net --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] New Virus (.exe) in a zip attachment?
This also appears to been out in other forms in the last few days. Google it. M --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] runclamd and runclamscan
These files are within the latest version in clamav-0.88.5-1. (http://www.sosdg.org/clamav-win32/index.php) Just need to make sure you check the Contributed Tools check box during the installation. The directories/files will be installed in C:\clamav-devel\thirdparty directory. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Doug Traylor Sent: Wednesday, November 01, 2006 1:57 PM To: declude.virus@declude.com Subject: Re: [Declude.Virus] runclamd and runclamscan Looks like the web page for runclamd and runclamscan http://www.smartbusiness.com/imail/declude/ has been removed. For the time being, it, and the files linked to, can still be accessed at Google's cache: http://72.14.203.104/search?q=cache:XBeX2LhdbnoJ:www.smartbusiness.com/imail /declude/ or http://tinyurl.com/y4j2yl Just in case you need it, Doug (master of the obvious) --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] New virus new__price.zip
Worm.Win32.Bagle.AL price.zip price2.zip price_new.zip price_08.zip 08_price.zip newprice.zip new_price.zip new__price.zip Michael Jaworski Puget Sound Network, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Markus Gufler Sent: Tuesday, March 01, 2005 7:25 AM To: Declude.Virus@declude.com Subject: [Declude.Virus] New virus new__price.zip Seems there is something going on, please check your virus logs. ... Markus --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: Re[10]: [Declude.Virus] testvirus.org #22
Andrew, Nice work. Thanks for the contribution. This is one of the best benefits of the list. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Wednesday, February 02, 2005 10:13 AM To: Declude.Virus@declude.com Subject: RE: Re[10]: [Declude.Virus] testvirus.org #22 My configuration is catching it. I've attached the entire configuration file with my email address and licence munged. I've also attached what my log lines look line when the virus is caught. Andrew 8) --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.