Full Disclosure mailing list archives
RE: Where to submit a suspected trojan or virus?
From: "DSardina" <dsardina () si rr com>
Date: Fri, 3 Sep 2004 15:04:56 -0400
submit () diamondcs com au Add trojan to zip file and send away. Nothing accepted over 1mb. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of John LaCour Sent: Friday, September 03, 2004 1:32 PM To: Scenobro; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Where to submit a suspected trojan or virus? Here's my list of vendor submission addresses, many of which initially came from Nick Fitzgerald. antivir () dials ru avsubmit.symantec.com ipevirus () vet com au labs () pandasoftware com newvirus () kaspersky com samples () f-secure com submit () sybertrek com submitvirus () fortinet com support () sophos com virus () antivir de virus () authentium com virus () ca com virus () grisoft cz virus_doctor () trendmicro com virus_research () nai com viruslab () f-prot com Most of these want you to send it in a password protected zip file with a password 'infected'. Some of them want the password to be 'virus'. I tend to just send two zip files to everyone on my distribution list. If anyone knows of any others, I'd appreciate the info. -John
-----Original Message----- From: Scenobro [mailto:scenobro () tiscali it] Sent: Thursday, September 02, 2004 9:00 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Where to submit a suspected trojan or virus? I found an explorer.exe in my system32 folder which I believe take precedence over the real explorer.exe located in c:\windows. It's a 92K file that seems to be a visual basic program. Among the strings contained in it there is a "C:\TestDL.exe" which I didn't find on my disk and a url "http://www.getupdate.com/TestDownload.exe" which does't exists. (the home page of that site is a textfile containing only "SB2"). I sent the file to virustotal.com and they found nothing. Where I can send this file for analysis? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Where to submit a suspected trojan or virus? Scenobro (Sep 02)
- Re: Where to submit a suspected trojan or virus? Über GuidoZ (Sep 03)
- Re: Where to submit a suspected trojan or virus? Kyle Maxwell (Sep 03)
- Re: Where to submit a suspected trojan or virus? Harlan Carvey (Sep 03)
- Re: Where to submit a suspected trojan or virus? Scenobro (Sep 03)
- Re: Where to submit a suspected trojan or virus? Harlan Carvey (Sep 03)
- <Possible follow-ups>
- RE: Where to submit a suspected trojan or virus? John LaCour (Sep 03)
- RE: Where to submit a suspected trojan or virus? DSardina (Sep 03)
- RE: Where to submit a suspected trojan or virus? Donahue, Pat (Sep 03)