lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <01a501c66f9f$9822ab90$ca01a8c0@pitgroup.local>
Date: Thu May  4 19:03:29 2006
From: youwishyouknew at somewhere.com (...)
Subject: RE: Panda Antivirus Enterprise Secure,
	Norton Antivirus 2005 and the virus "I Love You"

Symantec Antivirus detected and removed it as "VBS.LoveLetter.CI"

version 10.0.1.1000
engine 61.1.0.11
defs 2006/05/03 rev.18

----- Original Message ----- 
From: "Peter van den Houten" <petervdh@...nge.net>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Thursday, May 04, 2006 4:39 PM
Subject: [Full-disclosure] RE: Panda Antivirus Enterprise Secure, Norton 
Antivirus 2005 and the virus "I Love You"


> My ISP caught it:
> -----------------
> The Orange virus filtering service discovered a virus or unauthorised code 
> (e.g. spyware or trojan) in an email sent to you.
>
> Message sender:       full-disclosure-bounces@...ts.grok.org.uk
> Message recipient(s): petervdh@...nge.net
> Message subject:      [Full-disclosure] RE: Panda Antivirus Enterprise 
> Secure,
> Message date:         Thu, 4 May 2006 13:32:26 +0200 (CEST)
> Message size:         8.84Kb
>
> The e-mail contained this virus or unauthorized code:
> >>> [VBS/LoveLetter-MM]
>
>> On 5/4/06, *Joxean Koret* <> wrote:
>>
>>     Sorry, the email was sended without the attachment.
>>
>>     ---
>>     Regards,
>>     Joxean Koret
>>
>>      > Attached goes a working "I Love You" virus in which
>>      > I
>>      > changed ONLY the variable "dirsystem" with the name
>>      > "kk2" (The file attached have the extension
>>      > ".txt.gz",
>>      > otherwise, with the .vbs extension the file will be
>>      > locked by all the most populars anti-viral
>>      > toolkits).
>>
>>     Disclaimer:
>>     ~~~~~~~~~~~
>>
>>     The information in this advisory and any of its
>>     demonstrations is provided "as is" without any
>>     warranty of any kind.
>>
>>     I am not liable for any direct or indirect damages
>>     caused as a result of using the information or
>>     demonstrations provided in any part of this
>>     advisory.
>>
>>     ----------------------------------------------------------------
>>
>>     Contact:
>>     ~~~~~~~~
>>
>>     Joxean Koret at joxeanpiti<<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ