Is this malware?

Discussion in 'other anti-virus software' started by I who know nothing, Mar 22, 2005.

Thread Status:
Not open for further replies.
  1. Just recieved this suspicious email in French and an attachment which I didnt open as I dont speak french. I ran it through the Jotti scanner and no AV said it was malware although the scanner said it could be malware because sandbox emulation took a long time. Any opinions on this? This is the french text of the email could someone translate?

    Le message est prêt à être envoyé avec le fichier suivant ou les liens joints :
    TR_ALittleAngel-Justforyou!Fw_YourInbox

    Remarque : pour se protéger de virus informatiques, il se peut que les programmes de messagerie électronique évitent d'envoyer ou de recevoir certains types de pièces jointes. Vérifiez les paramètres de sécurité de votre messagerie électronique pour déterminer de quelle manière les pièces jointes sont gérées.
     
  2. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Seems malware too me, although I don't speak french...
     
  3. Well the email sender has the same name as a french friend of mine so Im thinking that maybe her pc has been infected and the malware got my name from her email address list.
     
  4. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Although for academic interest knowing the contents is an understandable desire, since you don't speak French, even if it is not malware there is little you can likely do with the attachment. Seems as though deletion is the best option.

    From the text below it seems as though the attachment may contain a link to the real package.

    Blue

     
  5. I already deleted the email so my concern was for my friends potentially infected pc. The attachment had an eml extension which I believe is used by worms.
     
  6. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    If you haven't already, I'd e-mail your concerns to your friend and suggest she scan her system. As an added measure, particularly if she is unsure of what to do or if she does not have current AV protection, I'd direct her to Blackspear's General Cleaning Instructions as a good starting point.

    Blue
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Very true....but .eml's are also used by Outlook Express. As others have said tho....better safe than sorry.
     
  8. My friend just told me she did indeed send the email and the eml attachment turned out to be a sort of greeting card with a pretty picture which asks that once you recieve it you email it on to other people a sort of cyber chain letter which I wont because I think its a stupid thing to do.

    Just out of interest this was the message I got from the Jotti scanner.
    "MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)"
     
Loading...
Thread Status:
Not open for further replies.