> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:clamav-users- > [EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] > Sent: 2. marts 2004 13:15 > To: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] password-protected Worm.Bagle.H > > Suggestions? There are really easy ways for the virus writer to > circumvent this type of check but until they start utilizing such > strategies, is it possible to include the zip's crc into ClamAV's sigs? >
>From the (unzipped) samples I've access to they differ in size, so MD5 or other checksums are useless. Best regards, Diego d'Ambra
smime.p7s
Description: S/MIME cryptographic signature
