New one?

M

MJD

Received in an email yesterday;
Subject: FW_good short joke
body text: A shepherd was looking after...
attachment: D2DCmdLog_E.log.exe (61.5KB)

No detection from updated AVG 6 and 7
It may be that it's been stripped of its payload, but I'm not going to
execute it to find out!
 
D

David H. Lipman

Either (primary suggestion) submit a copy to McAfee/AVERT at:
https://www.webimmune.net/default.asp

..or.

(secondary suggestion) ZIP the file into a password protected ZIP file with the password -
infected
and send it to an appropriate address listed on the following URL:
http://vil.nai.com/vil/submit-sample.asp

Please post back any/all results.

Dave


| Received in an email yesterday;
| Subject: FW_good short joke
| body text: A shepherd was looking after...
| attachment: D2DCmdLog_E.log.exe (61.5KB)
|
| No detection from updated AVG 6 and 7
| It may be that it's been stripped of its payload, but I'm not going to
| execute it to find out!
|
|
 
F

FromTheRafters

MJD said:
Received in an email yesterday;
Subject: FW_good short joke
body text: A shepherd was looking after...
attachment: D2DCmdLog_E.log.exe (61.5KB)

No detection from updated AVG 6 and 7
It may be that it's been stripped of its payload, but I'm not going to
execute it to find out!
Click to expand...

Ohh, where's your sense of adventure!? :blush:)
 
M

MJD

FromTheRafters said:
Ohh, where's your sense of adventure!? :blush:)
Click to expand...
Happy New Year to you too!
I'll stick to the quiet life.
(Actually I do have a spare 5yr old computer whose last gasp could be to
fulfil this useful task.)
 
M

MJD

Actually Dave, I've already sent zipped copies to Grisoft and Gladius. As I
actually paid for my AVG's, I reckon Grisoft could have first crack. The
copy to Andy was by way of a HNY present to him.
Martin
 
M

MJD

Grisoft reports "its a damaged I-Worm/Bugbear. The file is corrupted and
unable to run."
AVERT reports the file is infected with w32/bugbear.b.dam (the 'dam'
presumably meaning damaged, but it doesn't make this clear) and goes on to
try to sell me their program which would (they claim) give me a (probably
false) positive.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Is this a virus - startup.com & startup.pif 2
AVG 8 attaches text file to email 6
Please Help! Virus? Avast, Firefox, Windows update quit working 4
New .PDF malware (?) 51
How to pop-out specific outlook emails in a new window through VBA Script in a forward Mode. 0
Another new email worm 5
Outlook 2002 does not display html in the body of messages 1
many viruses so-called emitted by symantec ? 1

Top