>>> Michael Scheidell wrote: >>>> >>>> than trys to load a binary: >>>> >>>> ref="http://www.spamcom.com.br/CartadeAmor.exe" >>>> >>>> both files still exist on the hosts, and neither was >>>> identified by clamav, and neither triggered any ET >>>> (snort) rules, SA didn't trigger any rules except >>>> these:
ClamAV nor F-Prot on Linux did not detect this, but AVG Free on Windows did, and quarantined it gracefully.