I am seeing MyDoom.m coming through, but when i run clamscan or clamdscan on the directory where i save the zip, clamav identifies it as MyDoom.m
If I unzip it there is a message.cmd file which is executable and not broken binary rubbish. The worrying thing is, my mail server has identified 450 MyDoom.m viruses since midnight last night. What is going on here? I am running 0.75 latest stable. On Wednesday 28 July 2004 07:58, Trog wrote: > On Tue, 2004-07-27 at 22:48, Jim wrote: > > The new [EMAIL PROTECTED] zipped versions are getting through my > > clamav/amavisd-new/spamassassin box. > > > > It is stopping and dropping zipped versions of Bagle, but no luck with > > zipped versions of mydoom.M > > > > Any one else expereincing this? > > The only Mydoom.M I've seen not get detected are in fact just broken > binary rubbish that are harmless as they are not executable. > > This includes files that are zipped and doubly zipped. > > -trog -- +-------------------------------------+ (0> Scott Ryan //\ Unix/Linux Systems Engineer V_/_ Telkom Internet - SA +-------------------------------------+ Email: [EMAIL PROTECTED] Cell: +27721164832 Work: +27126807835 +-------------------------------------+ ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
