[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: WINDOWS XP: Idiot Engineering 101

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Re: WINDOWS XP: Idiot Engineering 101
From: Nick FitzGerald <nick@virus-l.demon.co.uk>
Date: Mon, 26 Jan 2004 22:59:44 +1300

Feher Tamas <etomcat@freemail.hu> wrote:

> >take a look!!!
> >
> >http://www.malware.com/my.pics.zip
> 
> TrojanDropper.JS.Mimail.B

I know you probably think you are being helpful posting these incorrect 
virus detection reports when folk post URLs to various pieces of 
interesting software, but it woud be much more helpful were to point 
out the silly errors in these "detections" rather than just posting  
the reported malware names.

For example, the other day you told us that Kaspersky AV detected
"TrojanDropper.Win32.Delf.bw" in a file adjacent to one under 
discussion, when in fact, that file is the toolkit used to build a 
particular kind of dropped.

And now you tell us that some unnamed scanner (but to the expert eye 
also almost certainly KAV again) has detected a Mimail dropper in a 
file that certainly is not a Mimail dropper.

Don't you see how the more detailed versions of these stories are 
likely more informative and helpful to the less virus-expert among
F-D's readers?

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Re: WINDOWS XP: Idiot Engineering 101
  - From: Feher Tamas <etomcat@freemail.hu>

Prev by Date: [Full-Disclosure] Advisory 01/2004: 12 x Gaim remote overflows
Next by Date: Re: [Full-Disclosure] Outlook Express - is this possible?
Previous by thread: [Full-Disclosure] Re: WINDOWS XP: Idiot Engineering 101
Next by thread: [Full-Disclosure] Yes another phishing scam
Index(es):
- Date
- Thread