The exe files are Windows' executables (applications). Would they do harm to
Linux? When I tried to open an exe file I was told no application was
available.
What do you have on your pendrive? It seems to be a cross platform problem?
And Michael L Torrie is very right about vendors being afraid of lawsuits.
>
>
> Today's Topics:
>
> 1. What's this? I can't believe it! (umarzuki mochlis)
> 2. Re: What's this? I can't believe it! (Brandon Perry)
> 3. Re: What's this? I can't believe it! (Brandon Perry)
> 4. Re: What's this? I can't believe it! (Joe Clements)
> 5. Re: What's this? I can't believe it! (Michael L Torrie)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 20 Jan 2008 10:35:28 +0800
> From: "umarzuki mochlis" <[EMAIL PROTECTED]>
> Subject: [Clamav-users] What's this? I can't believe it!
> To: clamav-users@lists.clamav.net
> Message-ID:
> <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1
>
> I tried to scan my pendrive and got this.
>
> [EMAIL PROTECTED]:~$ sudo clamscan /media/UM4R
> [sudo] password for umarzuki:
> /media/UM4R/g2p3s.exe: OK
> /media/UM4R/t.exe: OK
> /media/UM4R/smw-1.7-setup.exe: OK
> /media/UM4R/autorun.inf: OK
>
> I believe g2p3s.exe, t.exe and autorun.inf are some sort of trojan or
> something but calm doesn't seem to detect it.
>
> --
> Get money for each referral >> http://tinyurl.com/2pbj3p
> Beta test website for money >> http://tinyurl.com/28ge49
> Get paid for each click! >> http://tinyurl.com/22th2y
>
>
> ------------------------------
>
> Message: 2
> Date: Sat, 19 Jan 2008 20:53:26 -0600
> From: Brandon Perry <[EMAIL PROTECTED]>
> Subject: Re: [Clamav-users] What's this? I can't believe it!
> To: ClamAV users ML <clamav-users@lists.clamav.net>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain
>
> DOes Norton/AVG/McAfee detect them? What makes you think they are
> trojans?
>
>
> On Sun, 2008-01-20 at 10:35 +0800, umarzuki mochlis wrote:
>> I tried to scan my pendrive and got this.
>>
>> [EMAIL PROTECTED]:~$ sudo clamscan /media/UM4R
>> [sudo] password for umarzuki:
>> /media/UM4R/g2p3s.exe: OK
>> /media/UM4R/t.exe: OK
>> /media/UM4R/smw-1.7-setup.exe: OK
>> /media/UM4R/autorun.inf: OK
>>
>> I believe g2p3s.exe, t.exe and autorun.inf are some sort of trojan or
>> something but calm doesn't seem to detect it.
>>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Sat, 19 Jan 2008 21:27:58 -0600
> From: Brandon Perry <[EMAIL PROTECTED]>
> Subject: Re: [Clamav-users] What's this? I can't believe it!
> To: ClamAV users ML <clamav-users@lists.clamav.net>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain
>
> Also, what version are you using? Do you have all the definitions?
>
> On Sun, 2008-01-20 at 10:35 +0800, umarzuki mochlis wrote:
>> I tried to scan my pendrive and got this.
>>
>> [EMAIL PROTECTED]:~$ sudo clamscan /media/UM4R
>> [sudo] password for umarzuki:
>> /media/UM4R/g2p3s.exe: OK
>> /media/UM4R/t.exe: OK
>> /media/UM4R/smw-1.7-setup.exe: OK
>> /media/UM4R/autorun.inf: OK
>>
>> I believe g2p3s.exe, t.exe and autorun.inf are some sort of trojan or
>> something but calm doesn't seem to detect it.
>>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Sun, 20 Jan 2008 04:57:43 +0000
> From: Joe Clements <[EMAIL PROTECTED]>
> Subject: Re: [Clamav-users] What's this? I can't believe it!
> To: ClamAV users ML <clamav-users@lists.clamav.net>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Brandon Perry wrote:
>> Also, what version are you using? Do you have all the definitions?
>>
>> On Sun, 2008-01-20 at 10:35 +0800, umarzuki mochlis wrote:
>>
>>> I tried to scan my pendrive and got this.
>>>
>>> [EMAIL PROTECTED]:~$ sudo clamscan /media/UM4R
>>> [sudo] password for umarzuki:
>>> /media/UM4R/g2p3s.exe: OK
>>> /media/UM4R/t.exe: OK
>>> /media/UM4R/smw-1.7-setup.exe: OK
>>> /media/UM4R/autorun.inf: OK
>>>
>>> I believe g2p3s.exe, t.exe and autorun.inf are some sort of trojan or
>>> something but calm doesn't seem to detect it.
>>>
>>>
>>
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
>> http://lurker.clamav.net/list/clamav-users.html
>>
>>
> autorun.inf is the standard windows pre installation proceedure. The
> others do look iffy, BUT they are only iffy if proved. Zip them and send
> them to your anti virus people.
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 19 Jan 2008 23:41:25 -0700
> From: Michael L Torrie <[EMAIL PROTECTED]>
> Subject: Re: [Clamav-users] What's this? I can't believe it!
> To: ClamAV users ML <clamav-users@lists.clamav.net>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1
>
> umarzuki mochlis wrote:
>> I tried to scan my pendrive and got this.
>>
>> [EMAIL PROTECTED]:~$ sudo clamscan /media/UM4R
>> [sudo] password for umarzuki:
>> /media/UM4R/g2p3s.exe: OK
>> /media/UM4R/t.exe: OK
>> /media/UM4R/smw-1.7-setup.exe: OK
>> /media/UM4R/autorun.inf: OK
>>
>> I believe g2p3s.exe, t.exe and autorun.inf are some sort of trojan or
>> something but calm doesn't seem to detect it.
>
> A casual search of google reveals that this is most likely malware, or
> at least something that's a little bit suspicious, shipped by the
> manufacturer (a common thing these days) who probably gets paid by the
> malware vendor. It's not a virus, then, so most AV programs won't flag
> it. Obviously commercial AV programs are reluctant to classify certain
> types of "spyware" as malware because of the risk of a lawsuit from the
> vendor of the malware.
>
> http://www.computing.net/security/wwwboard/forum/22168.html
>
>>
>
>
>
> ------------------------------
>
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
