[Dshield] What triggered the positive false alarms (Was: Anunfixed highly critical vulnerability discovered in Microsoft Internet Explorer)

Akuanata Akasha aakasha at houston.rr.com
Thu Apr 15 23:08:20 GMT 2004


I immediately quarantined and deleted the attachment, and thought it best to
warn everyone of the occurrence. Your email, was the last of the three, so
what you say could indeed be the case. Here is the activity report:

Source: Unknown00000000.data 
Description: The email attachment Unknown00000000.data within
Unknown00000000.data is infected with the Bloodhound.Exploit.6 virus. 
Click for more information about this virus : Bloodhound.Exploit.6

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Peter Stendahl-Juvonen
Sent: Thursday, April 15, 2004 4:37 PM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] What triggered the positive false alarms (Was:
Anunfixed highly critical vulnerability discovered in Microsoft Internet
Explorer)


RE: [Dshield] What triggered the positive false alarms (Was: An
unfixedhighly critical vulnerability discovered in Microsoft Internet
Explorer)

list-bounces at lists.dshield.org <mailto:list-bounces at lists.dshield.org>
wrote on Thursday, April 15, 2004 11:49 PM UTC+3 on behalf of Akuanata
Akasha

| I'm sending this post to the three user's I've just received email 
| from. I received a virus called, "Bloodhound.exploit.6", as an 
| Attachment. Please scan your PC, to be safe. You are one of three 
| emails, that I've received in the past 4 hours.
| 
| Thanks
| 
| A.Akasha


Akuanata et al.

Please kindly specify what attachment you refer to. At least my post to the
list did NOT contain any attachment what so ever.

There was only an example string of characters in the body of that email.
That example string of characters (in the body of the email) triggers, e.g.
Symantec's Norton AntiVirus2004 to prompt a pop-up Virus Alert.

Please note that there is no valid cause for the Virus Alert I am referring
to. It is a so-called "positive false alert", "positive false alarm" or
"positive false detection" caused by a malfunction in the virus or threat
detection mechanism of the Anti-Virus S/W.


- Pete


      "It's not what you look at that matters, it's what you see."
        Henry David Thoreau (1817 - 1862) US essayist, poet.


_______________________________________________
list mailing list
list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list