I just received some bastard's product, a worm, with the title
sexyname.scr loaded with the virus W95 Hybris.worm

Norton AV caught it!

Thanks!

<intemej@sympatico.ca> wrote in message news:3EF9D602.9020707@sympatico.ca...
One of my old favorites...it lives!!
It relies pretty heavily on stupidity, thus its enormous success.

Did you attempt to execute the .scr file?
....or did Norton warn you prior to you being given
any chance to do so?

Another satisfied Norton AV user (...or was that the first?) <G>

6 out of 10 anonymous usenet posters prefer NOD 32

"Ian.H [dS]" <ian@WINDOZEdigiserv.net> wrote in message news:rfslfvoqm0g83v5080h68uakrl0ubs0bp1@4ax.com...
Not being "in the know" about such things I could easily be
wrong, but I was under the impression that Vecna coded
this one, and Spanska coded at least one of the 'plug-ins'
("Spirale" which implies collaboration to me, as there is an
encryption key involved).

The plug-in which adds another vector of spread was an
interesting addition too (I wonder who coded that one).

IIRC Dalt mentioned some time ago that Vecna relinquished
the encryption key to another party. Another plus for this one
is the lack (thus far) of a more malicious payload. Let's hope
the new operator continues with this trend.