Re: [Declude.Virus] mabuto virus
I have a bounced mail from my postmaster account trying to warn someone about the mailto:W32/[EMAIL PROTECTED]W32/[EMAIL PROTECTED] virus they sent. 1) Is this a verry new virus? Neither f-prot, Sophos nor Symantec even heard of it but the f-prot partner site http://www.authentium.com/http://www.authentium.com/ has heard of it, but that's all the information I can find on that site, they have heard of it and are catching it. I believe it came out about a week ago. 2) Is this a forging virus we need to add to the list? If so, does Declude allready have it in his forging virus list? It appears to be a forging virus, although we do not have enough information yet to determine that for certain (we have, however, added it to the forging virus database to be safe). -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] mabuto virus
http://www.gordano.co.uk/kb.htm?q=2297talks about virus definitions from 28 July 2004 and Mabuto, so it can't be a new one from today. Markus From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bonno BloksmaSent: Monday, August 09, 2004 12:23 PMTo: [EMAIL PROTECTED]Subject: [Declude.Virus] mabuto virus Hi, I have a bounced mail from my postmaster account trying to warn someone about the W32/[EMAIL PROTECTED] virus they sent. 1) Is this a verry new virus? Neither f-prot, Sophos nor Symantec even heard of it but the f-prot partner site http://www.authentium.com/has heard of it, but that's all the information I can find on that site, they have heard of it and are catching it. 2) Is this a forging virus we need to add to the list? If so, does Declude allready have it in his forging virus list? Groetjes, Bonno Bloksma
RE: [Declude.Virus] mabuto virus
2) Is this a forging virus we need to add to the list? If so, does Declude allready have it in his forging virus list? It appears to be a forging virus, although we do not have enough information yet to determine that for certain (we have, however, added it to the forging virus database to be safe). I've seen 5 Mabuto's from 29 July on. Up to now there was no NDR's for our Virus warnings but looking at the mail headers it seems that he's forging with real existing email addresses. Markus --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.