I've seen this batted back and forth for a while about the Bagle variants that use password-protected ZIPs and detecting them; I gleaned a bit of ambiguity in the answers because at the time the answer always seemed to be "Yes it detects it" (zips or passworded zips?), "no it doesn't" (nothing scans inside zips), or "yes it does in the latest CVS version..."

Sooo my question is: at this point, does ClamAV have the ability to pick up the passworded zip file sent by a specific Bagle variant, while passing others along undetected? The testvirus.org password-protected zip gets through :-( So I wondered if just the Bagle virus with the passworded zip has a specific signature attached.

My config:
running clamscan .70-rc
grep -v "#" clamav.conf | strings | sort
AllowSupplementaryGroups
ArchiveMaxCompressionRatio 200
ArchiveMaxFileSize 10M
ArchiveMaxFiles 1000
ArchiveMaxRecursion 5
ClamukoIncludePath /home
ClamukoMaxFileSize 1M
ClamukoScanArchive
ClamukoScanOnClose
ClamukoScanOnExec
ClamukoScanOnOpen
DatabaseDirectory /usr/local/share/clamav
FixStaleSocket
LocalSocket /var/run/clamav/clamd
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 5M
LogTime
MaxConnectionQueueLength 30
MaxDirectoryRecursion 15
MaxThreads 15
PidFile /var/run/clamav/clamd.pid
ScanArchive
ScanMail
ScanOLE2
ThreadTimeout 500

Thanks!
-Bart



_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
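
An added example, not part of the original post and not ClamAV's code: the distinction the question turns on, shown with Python's zipfile module. A ZIP's headers mark a member as encrypted and expose its name without the password, so an archive can be flagged as password-protected even though its contents cannot be read for scanning. The sample archive and the member name attachment.txt are constructed.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # general-purpose bit 0: member data is encrypted


def build_sample_zip(flag_encrypted: bool) -> bytes:
    """Constructed sample: a one-member ZIP, optionally with bit 0 set by hand.

    The payload is not really encrypted; only the header flag a scanner
    inspects is set, because the zipfile module cannot write encrypted members.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("attachment.txt", b"constructed sample payload")
    raw = bytearray(buf.getvalue())
    if flag_encrypted:
        # The flag field sits 6 bytes into a local header, 8 into a central one.
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = raw.find(sig) + off
            (flags,) = struct.unpack_from("<H", raw, pos)
            struct.pack_into("<H", raw, pos, flags | ENCRYPTED_FLAG)
    return bytes(raw)


def encrypted_members(data: bytes) -> list[str]:
    """Names of members flagged as encrypted; needs no password."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_FLAG]


def can_scan_contents(data: bytes) -> bool:
    """True only if every member can be read without a password."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        try:
            for info in zf.infolist():
                zf.read(info)
        except RuntimeError:  # zipfile raises this for encrypted members
            return False
    return True
```
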
