How to send a suspicious file?

  • Thread starter Thread starter Jacques
  • Start date Start date
J

Jacques

As I understand the help display on top of the window, with Tools/submit a
spyware, you can submit the list of programs already running on your box.
If you have a doubt about one (ore more) files, it should be good to have an
option letting you send any file found on your disk before installing it.
How can I do this?
 
There is a button somewhere in the program--probably in the system
explorers?? which appears to have this function. However, when you press
it, whatever happens is so instantaneous, that I suspect it doesn't do
anything.

So--I don't believe there's a function to do this at the moment--and perhaps
there won't be--they do collect both names of critters and maybe the MD5
hashes via the suspected spyware reports.
 
In system explorers, there is effectively a button when a running program is
not known. This link seems to work as if I clck on it with an unknown
programm (ie Windows Udate ActiveX), it can be seen in FW log and status can
change (this one) or not (ie. Google-IE toolbar).

I don't find any link where I can submit any part of an app which can be
suspect (if I can, I'll definitly prefer send a suspicious befor installing
than after). Another circumstance I sould send is anything found by antother
tool but not by MSAS. Could perhaps be a mailbox like the one used for
errors.log.

Remarque : On my box, there is a lot of programs comming from MicroSoft
that I think must be trusted but aren't ;-). Not a bug but something missing
in the defs which can be CONFUSING for non skilled users.

I hope in released versions, defs will be updated according to SP and Win
Update.
 
Jacques said:
In system explorers, there is effectively a button when a running program
is not known. This link seems to work as if I clck on it with an unknown
programm (ie Windows Udate ActiveX), it can be seen in FW log and status
can change (this one) or not (ie. Google-IE toolbar).

I don't find any link where I can submit any part of an app which can be
suspect (if I can, I'll definitly prefer send a suspicious befor
installing than after). Another circumstance I sould send is anything
found by antother tool but not by MSAS. Could perhaps be a mailbox like
the one used for errors.log.

Remarque : On my box, there is a lot of programs comming from MicroSoft
that I think must be trusted but aren't ;-). Not a bug but something
missing in the defs which can be CONFUSING for non skilled users.

I hope in released versions, defs will be updated according to SP and Win
Update.
Click to expand...

Yes - I see what I know to be legitimate Microsoft controls and programs
marked as unknown as well. I can imagine several reasons for these--and
we've seen one report in these groups of a piece of beta code used beyond
its expiration that was marked as unknown--so some of these may be worth
investigating.

Steve Wechsler has a channel by which he can get suspicious code to the
development team. I know that others are also able to submit such code--so
they may feel that they have sufficient sources and couldn't handle the
volume of a public address.
 
I'm not worried by a specific file now (the one which put me on this idea is
a new variant of a well known virus) but I think it could be usefull in next
releases.
 
Back
Top