Is this malware?


I who know nothing
March 22nd, 2005, 05:36 AM
Just received this suspicious email in French and an attachment which I didn't open as I don't speak French. I ran it through the Jotti scanner and no AV said it was malware, although the scanner said it could be malware because sandbox emulation took a long time. Any opinions on this? This is the French text of the email; could someone translate?

Le message est prêt à être envoyé avec le fichier suivant ou les liens joints :
TR_ALittleAngel-Justforyou!Fw_YourInbox

Remarque : pour se protéger de virus informatiques, il se peut que les programmes de messagerie électronique évitent d'envoyer ou de recevoir certains types de pièces jointes. Vérifiez les paramètres de sécurité de votre messagerie électronique pour déterminer de quelle manière les pièces jointes sont gérées.

Sputnik
March 22nd, 2005, 05:40 AM
Seems malware to me, although I don't speak French...

I who know nothing
March 22nd, 2005, 06:13 AM
Well, the email sender has the same name as a French friend of mine, so I'm thinking that maybe her PC has been infected and the malware got my name from her email address list.

BlueZannetti
March 22nd, 2005, 06:29 AM
Although for academic interest knowing the contents is an understandable desire, since you don't speak French, even if it is not malware there is little you can likely do with the attachment. Seems as though deletion is the best option.

From the text below it seems as though the attachment may contain a link to the real package.

Blue

-{ Quote: "PS: my machine assisted translation would be something like:

A message is ready to be sent with the following file or the joined links: TR_ALittleAngel-Justforyou!Fw_YourInbox

Notice: to protect from computer viruses, the mail service avoids sending or receiving certain types of attachments. Verify the security parameters of your electronic mail service to determine in which manner the attachments are managed." }-

I who know nothing
March 22nd, 2005, 06:50 AM
I already deleted the email, so my concern was for my friend's potentially infected PC. The attachment had an eml extension which I believe is used by worms.

BlueZannetti
March 22nd, 2005, 06:55 AM
If you haven't already, I'd e-mail your concerns to your friend and suggest she scan her system. As an added measure, particularly if she is unsure of what to do or if she does not have current AV protection, I'd direct her to Blackspear's General Cleaning Instructions (http://www.wilderssecurity.com/showthread.php?t=50662) as a good starting point.

Blue

Bubba
March 22nd, 2005, 06:57 AM
-{ Quote: "The attachment had an eml extension which I believe is used by worms." }-

Very true....but .eml's are also used by Outlook Express. As others have said tho....better safe than sorry.

I who know nothing
March 22nd, 2005, 07:08 AM
My friend just told me she did indeed send the email, and the eml attachment turned out to be a sort of greeting card with a pretty picture which asks that once you receive it you email it on to other people, a sort of cyber chain letter, which I won't because I think it's a stupid thing to do.

Just out of interest this was the message I got from the Jotti scanner.
"MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)"
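
Added example, not part of the thread: a way to see what an .eml attachment like the one discussed above actually contains without opening it in a mail client, by parsing it statically and listing every part, nested .eml files included. The function name `triage_eml`, the `RISKY_EXT` list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed (non-exhaustive) list of extensions that run code when double-clicked.
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".hta", ".lnk"}
URL_RE = re.compile(rb"https?://[^\s\"'<>]+", re.I)

def triage_eml(raw, depth=0):
    """Statically list every leaf part of an .eml; nothing is rendered or executed."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue  # containers (including message/rfc822) are expanded by walk()
        name = part.get_filename() or ""
        body = part.get_payload(decode=True) or b""
        ext = PurePosixPath(name.lower()).suffix  # "card.jpg.exe" -> ".exe"
        if ext == ".eml" and depth < 5:
            # An .eml sent as a plain file attachment must be re-parsed explicitly.
            findings += triage_eml(body, depth + 1)
            continue
        is_text = part.get_content_maintype() == "text"
        findings.append({
            "depth": depth, "type": part.get_content_type(), "name": name,
            "risky_ext": ext in RISKY_EXT,
            "is_pe": body[:2] == b"MZ",  # Windows executable magic bytes
            "urls": [u.decode("ascii", "replace") for u in URL_RE.findall(body)] if is_text else [],
        })
    return findings

def build_sample():
    """Constructed sample: a mail carrying a greeting-card .eml as an attachment."""
    card = EmailMessage()
    card["Subject"] = "A little angel"
    card.set_content('<a href="http://example.invalid/card">Forward me!</a>', subtype="html")
    card.add_attachment(b"\x89PNG\r\n\x1a\n", maintype="image", subtype="png",
                        filename="angel.png")
    outer = EmailMessage()
    outer["Subject"] = "Fw: your inbox"
    outer.set_content("See attachment")
    outer.add_attachment(card.as_bytes(), maintype="application",
                         subtype="octet-stream", filename="card.eml")
    return outer.as_bytes()

if __name__ == "__main__":
    for finding in triage_eml(build_sample()):
        print(finding)
```

A listing that shows only text and image parts, as here, matches the greeting card described above; a part with a risky extension or `is_pe` set is the case worth escalating.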