[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3FFFFCDB.24948.346F79A7@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Virus / Trojan
"Otero, Hernan (EDS)" <HOtero@...chile.cl> wrote:
> Today found this suspicious file attached to an email, obviously is a virus
> (our AV don?t detect it :-( ). The virus/trojan is very simple, the
> developer only put effort in obfuscate the strings inside the binary.
If you suspect it is a virus, why in heck post a sample to a public
mailing list?
If you suspect something is a new virus or other malware and your AV
does not detect, for pity's sake send a sample of it to your AV
developer. Better yet, send a sample to several AV developers you
trust to analyse it properly and report back to you, but whatever else
you do, do not send copies of it to thousands upon thousands of unknown
folk. Fortunately the mail service you sent this from uses an AV that
was updated for detecting this malware than the service where you
received it (or, if the same service, the required update arrived in
the interim between initial receipt and re-sending) and the file was
detached from your message...
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists