RE: [Declude.Virus] JS.Downloader.Trojan
Now this morning, we get a W32.Netsky.P.dam virus via a data.zip file. I've submitted everything to F-Prot, but I'm surprised that it didn't catch these things. UGH! Do I need to change the virus.cfg file since upgrading to v1.81? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Maze Sent: Tuesday, October 12, 2004 8:33 AM To: [EMAIL PROTECTED] Subject: [Declude.Virus] JS.Downloader.Trojan Hello, This got through on two messages.. Since I wasn't checking messages via a Linux box, I can't find the messages that they came through since NIS 2005 automatically deleted the messages.. Any ideas? --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] JS.Downloader.Trojan
Now this morning, we get a W32.Netsky.P.dam virus via a data.zip file. I've submitted everything to F-Prot, but I'm surprised that it didn't catch these things. UGH! The .dam means damaged, another term for a corrupt, non-viable variant. Since these are harmless, many AV programs do not detect them (but some -- usually Norton -- do). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] JS.Downloader.Trojan
OK.. Thanks for the info Scott.. I tried to look it up on the Symantec site, but there wasn't any info on it, so I didn't know.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Wednesday, October 13, 2004 8:31 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] JS.Downloader.Trojan Now this morning, we get a W32.Netsky.P.dam virus via a data.zip file. I've submitted everything to F-Prot, but I'm surprised that it didn't catch these things. UGH! The .dam means damaged, another term for a corrupt, non-viable variant. Since these are harmless, many AV programs do not detect them (but some -- usually Norton -- do). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] JS.Downloader.Trojan
I have F-prot marking my Thunderbird mail program files as JS.Downloader.Trojan. Symantec Corp 8.0 sees nothing suspicious about the files. Then today F-prot looked in some static Office 2000 files and determined that AGENTANM.DLL AGENTCTL.DLL AGENTDP2.DLL AGENTDPV.DLL AGENTMPX.DLL AGENTPSH.DLL AGENTSR.DLL All had the W32/[EMAIL PROTECTED] Again Symantec claims they are clean and they are flat storage and have not been accessed for over 18 months. I think F-prot is repotrted a little too many false positives lately. I will email them now. DC -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry Sent: Wednesday, October 13, 2004 8:31 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] JS.Downloader.Trojan Now this morning, we get a W32.Netsky.P.dam virus via a data.zip file. I've submitted everything to F-Prot, but I'm surprised that it didn't catch these things. UGH! The .dam means damaged, another term for a corrupt, non-viable variant. Since these are harmless, many AV programs do not detect them (but some -- usually Norton -- do). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
