John at ensemble
Aug 4, 2003, 7:53 AM
Post #7 of 11
RE: Signature for W32.Mimail.A@mm available?
[In reply to]
I cron a Freshclam every hour and my log reports that the update you
mention was executed. I am also seeing occasional reports of the
Trojan.Dropper.C virus being detected.
I will investigate the Symantec report I received from our Exchange server
and see if I can work out a timeline.
From: Tomasz Papszun [mailto:tomek-clam-users [at] lodz]
Sent: Monday, August 04, 2003 7:45 AM
To: clamav-users [at] lists
Subject: Re: [Clamav-users] Signature for W32.Mimail.A [at] m available?
On Mon, 04 Aug 2003 at 7:24:02 -0700, John Birkhead wrote:
> Looks like the above worm is making it's way around and we have
> received a few copies already. Any idea when the virus db will be updated
> detect this?
> John Birkhead
Are you sure that these copies were W32.Mimail.A [at] m indeed? Was you
viruses.db2 updated successfully?
The signature of Worm.Mimail.A was added to the db2 about "Sat, 2 Aug
2003 00:20:55 +0200" (with other name: Trojan.Dropper.C).
BTW, a simple workaround is _not_ accept mail from "admin [at] your_domai"
(of course replace "your_domain" with the real name of your domain and
any other domains you are hosting). This virus sends itself using such
You can also subscribe to clamav-virusdb [at] lists
so that you'll be notified about updates of the database.
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
tomek [at] lodz http://www.lodz.tpsa.pl/ | ones and zeros.
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
Clamav-users mailing list
Clamav-users [at] lists