USA Missle Strike: Iran War just have started

Well, not really ;-)    The subject heading's spelling error and
improper grammar should be a hint that the attached file is malware
LOL.

Got one of the e-mails containing the newest spreading malware making
the rounds.    Submitted it (news.exe) to VirusTotal, results below.
(Sorry a typo so I had it scanned in the Spanish page)..  For shame to
McAfee for missing it!

F-Secure write up:
http://www.f-secure.com/v-descs/email-worm_w32_zhelatin_cq.shtml


AhnLab-V3    2007.4.10.0    09.04.2007    no ha encontrado virus
AntiVir    7.3.1.48    09.04.2007    TR/Small.DBY.BS
Authentium    4.93.8    08.04.2007    W32/Trojan.ADUB
Avast    4.7.936.0    08.04.2007    no ha encontrado virus
AVG    7.5.0.447    08.04.2007    no ha encontrado virus
BitDefender    7.2    09.04.2007    Trojan.Peed.Gen
CAT-QuickHeal    9.00    09.04.2007    (Suspicious) - DNAScan
ClamAV    devel-20070312    09.04.2007    Trojan.Small-1604
DrWeb    4.33    09.04.2007    Trojan.Packed.80
eSafe    7.0.15.0    08.04.2007    Suspicious Trojan/Worm
eTrust-Vet    30.7.3549    06.04.2007    no ha encontrado virus
Ewido    4.0    09.04.2007    no ha encontrado virus
FileAdvisor    1    09.04.2007    no ha encontrado virus
Fortinet    2.85.0.0    09.04.2007    W32/Tibs.LO@mm
F-Prot    4.3.1.45    08.04.2007    W32/Trojan.ADUB
F-Secure    6.70.13030.0    09.04.2007    Email-Worm.Win32.Zhelatin.cq
Ikarus    T3.1.1.3    09.04.2007    Trojan.Peed
Kaspersky    4.0.2.24    09.04.2007    Email-Worm.Win32.Zhelatin.cq
McAfee    5003    06.04.2007    no ha encontrado virus
Microsoft    1.2405    09.04.2007    no ha encontrado virus
NOD32v2    2175    09.04.2007    Win32/Nuwar.gen
Norman    5.80.02    09.04.2007    no ha encontrado virus
Panda    9.0.0.4    09.04.2007    no ha encontrado virus
Prevx1    V2    09.04.2007    Polynomial.Code.Exploit
Sophos    4.16.0    06.04.2007    no ha encontrado virus
Sunbelt    2.2.907.0    07.04.2007    VIPRE.Suspicious
Symantec    10    09.04.2007    Trojan.Packed.13
TheHacker    6.1.6.088    09.04.2007    no ha encontrado virus
VBA32    3.11.3    09.04.2007    no ha encontrado virus
VirusBuster    4.3.7:9    08.04.2007    no ha encontrado virus
Webwasher-Gateway    6.0.1    09.04.2007    Trojan.Small.DBY.BS


Re: USA Missle Strike: Iran War just have started


| Well, not really ;-)    The subject heading's spelling error and
| improper grammar should be a hint that the attached file is malware
| LOL.
|
| Got one of the e-mails containing the newest spreading malware making
| the rounds.    Submitted it (news.exe) to VirusTotal, results below.
| (Sorry a typo so I had it scanned in the Spanish page)..  For shame to
| McAfee for missing it!
|
| F-Secure write up:
| http://www.f-secure.com/v-descs/email-worm_w32_zhelatin_cq.shtml
|

< snip >

One of the ones I received had the subject "Iran starts World War III"

McAfee has been doing piss poor lately and is falling behind rapidly.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: USA Missle Strike: Iran War just have started

Starting to get the 'ole postcard and flash_postcard attachments -
most likely from idiots running the news.exe malware attachment.
Scan of both files below.

Still only on one account (I have 9 e-mail addresses LOL).     gmail
is filtering out the phony M$ update attachments- don't have a chance
to get to them ;-(

flash_postcard scan:
==========
AhnLab-V3    2007.4.12.0    04.12.2007    no virus found
AntiVir    7.3.1.50    04.12.2007    TR/Small.DBY.BW
Authentium    4.93.8    04.12.2007    W32/Trojan.AEJV
Avast    4.7.936.0    04.11.2007    no virus found
AVG    7.5.0.447    04.12.2007    no virus found
BitDefender    7.2    04.12.2007    Trojan.Peed.Gen
CAT-QuickHeal    9.00    04.12.2007    (Suspicious) - DNAScan
ClamAV    devel-20070312    04.12.2007    Trojan.Small-1641
DrWeb    4.33    04.12.2007    no virus found
eSafe    7.0.15.0    04.12.2007    Suspicious Trojan/Worm
eTrust-Vet    30.7.3562    04.12.2007    no virus found
Ewido    4.0    04.12.2007    no virus found
FileAdvisor    1    04.12.2007    no virus found
Fortinet    2.85.0.0    04.12.2007    suspicious
F-Prot    4.3.2.48    04.12.2007    W32/Trojan.AEJV
F-Secure    6.70.13030.0    04.12.2007    Email-Worm.Win32.Zhelatin.ct
Ikarus    T3.1.1.5    04.12.2007    Email-Worm.Win32.Zhelatin.ct
Kaspersky    4.0.2.24    04.12.2007    Email-Worm.Win32.Zhelatin.ct
McAfee    5006    04.11.2007    no virus found
Microsoft    1.2405    04.12.2007    no virus found
NOD32v2    2184    04.12.2007    Win32/Nuwar.Gen
Norman    5.80.02    04.12.2007    no virus found
Panda    9.0.0.4    04.12.2007    no virus found
Prevx1    V2    04.12.2007    no virus found
Sophos    4.16.0    04.12.2007    no virus found
Sunbelt    2.2.907.0    04.07.2007    VIPRE.Suspicious
Symantec    10    04.12.2007    Trojan.Packed.13
TheHacker    6.1.6.088    04.09.2007    no virus found
VBA32    3.11.3    04.12.2007    no virus found
VirusBuster    4.3.7:9    04.12.2007    no virus found
Webwasher-Gateway    6.0.1    04.12.2007    Trojan.Small.DBY.BW
=========

postcard.exe (Hey McAfee caught one!)
=========
AhnLab-V3    2007.4.12.0    04.12.2007    no virus found
AntiVir    7.3.1.50    04.12.2007    TR/Small.DBY.BV
Authentium    4.93.8    04.12.2007    W32/Trojan.ADVQ
Avast    4.7.936.0    04.11.2007    no virus found
AVG    7.5.0.447    04.12.2007    Downloader.Tibs.4.AC
BitDefender    7.2    04.12.2007    Trojan.Peed.Gen
CAT-QuickHeal    9.00    04.12.2007    I-Worm.Zhelatine.ch
ClamAV    devel-20070312    04.12.2007    Trojan.Small-1610
DrWeb    4.33    04.12.2007    Trojan.Packed.83
eSafe    7.0.15.0    04.12.2007    Suspicious Trojan/Worm
eTrust-Vet    30.7.3562    04.12.2007    no virus found
Ewido    4.0    04.12.2007    no virus found
FileAdvisor    1    04.12.2007    no virus found
Fortinet    2.85.0.0    04.12.2007    W32/PkTibs.fam!tr
F-Prot    4.3.2.48    04.12.2007    W32/Trojan.ADVQ
F-Secure    6.70.13030.0    04.12.2007    Email-Worm.Win32.Zhelatin.cs
Ikarus    T3.1.1.5    04.12.2007    Email-Worm.Win32.Zhelatin.cs
Kaspersky    4.0.2.24    04.12.2007    Email-Worm.Win32.Zhelatin.cs
McAfee    5006    04.11.2007    New Malware.br
Microsoft    1.2405    04.12.2007    no virus found
NOD32v2    2184    04.12.2007    Win32/Nuwar.Gen
Norman    5.80.02    04.12.2007    no virus found
Panda    9.0.0.4    04.12.2007    no virus found
Prevx1    V2    04.12.2007    no virus found
Sophos    4.16.0    04.12.2007    no virus found
Sunbelt    2.2.907.0    04.07.2007    VIPRE.Suspicious
Symantec    10    04.12.2007    Trojan.Packed.13
TheHacker    6.1.6.088    04.09.2007    no virus found
VBA32    3.11.3    04.12.2007    no virus found
VirusBuster    4.3.7:9    04.12.2007    Trojan.Tibs.Gen!Pac.95
Webwasher-Gateway    6.0.1    04.12.2007    Trojan.Small.DBY.BV
========

