|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: wmon16.exe
From: Nick FitzGerald (nick
virus-l.demon.co.uk)
Date: Mon May 10 2004 - 19:20:20 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
"Willem Tahon" <tahonun.org> wrote:
> Also keep in mind that some of the AV developers require specific handling
> of viruses (e.g. password-protected zipping) before sending them.
Indeed, which is why the McAfee entry appears as follows:
> Network Associates (McAfee) <virus_researchnai.com>
> (use a ZIP file with the password 'infected' without the quotes)
Some of the others may _prefer_ you to do similar or recommend you to
do so to prevent the attachment being stripped by virus-scanning
gateways between the sender and recipient (though these days, zealous
content-filtering gateways will consider passworded ZIPs suitably
dubious to be stripped anyway), but AFAIK only McAfee "requires" this
(and even then they will accept non-ZIP'ed samples but weird things can
happen due to stuffed-up internal message routing resulting in them
sending you back a malicious file along with a message suggesting there
is nothing wrong with it).
Regards,
Nick FitzGerald
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]