a request i think would be maybe very helpfull to us in the field, would be a online databse that we could use to cross refrence any suspecious files found against, so that we can move the process on, while we wait for the labs to comeback with results. eg: if getsusp finds a file that might be suspecious, ( an we are in offline mode) we can than run it against your online database, verify the file and maybe be able to create a access protection rule in VirusScan to block it until the file is added to the dats or the Artiems detections database.
sorry about spelling, IE9 a bit crazy :)
You could cross reference antivirus vendor detections against a md5 hash using this Virus Total link : http://www.virustotal.com/search.html
This should help in verifying suspicions about any file.
Message was edited by: Vinoo Thomas on 29/10/10 3:39:49 PM IST