"Jim Maul" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Any more ideas?
I just installed ClamAV 0.71 (Windows build devel-20040520) today (upgraded from 0.70) and now I'm getting virii through to our email accounts with similar symptoms. One of the original unmodified emails that is causing problems can be downloaded from http://www.nevrona.com/virus.txt If I submit this file to the online scanner I get this back: File is valid, and was successfully uploaded. clamav scans the file ... Clamav-Output: /tmp/phpk0Orlc: Worm.SomeFool.P FOUND And found something: Worm.SomeFool.P If I scan it with command line clamscan: C:\MailServer\VirusTemp>\clamav-devel\bin\clamscan.exe --mbox virus.eml virus.eml: OK ----------- SCAN SUMMARY ----------- Known viruses: 21693 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.04 MB I/O buffer size: 131072 bytes Time: 0.564 sec (0 m 0 s) I am all up to date on my virus database: C:\MailServer\VirusTemp>\clamav-devel\bin\freshclam.exe ClamAV update process started at Tue May 25 01:25:31 2004 Reading CVD header (main.cvd): OK main.cvd is up to date (version: 23, sigs: 21096, f-level: 2, builder: ddm) Reading CVD header (daily.cvd): OK daily.cvd is up to date (version: 328, sigs: 597, f-level: 2, builder: trog) If I extract the zip file contained in the email (using Outlook Express) and scan it with ClamAV the virus is found: C:\MailServer\VirusTemp>\clamav-devel\bin\clamscan.exe message.zip message.zip: Worm.SomeFool.P FOUND ----------- SCAN SUMMARY ----------- Known viruses: 21693 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.03 MB I/O buffer size: 131072 bytes Time: 0.537 sec (0 m 0 s) AFAICT, everything is configured as it has always been and the scanner is catching other infected emails just fine. Let me know if you need more info, Jim Gunkel Nevrona Designs ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
