On Wed, 25 Apr 2007, Christoph Cordes wrote: > Gary V schrieb: >> I received an email with a password protected .rar file that claims to >> contain an .exe file that I should run in ordrer to protect me from an >> undetected worm. I submitted it and it was recognized as ...
> The file inside the archive is already detected. The rar archive is a > bit manipulated. The samples i checked so far can't be unpacked with > winrar for example, also the linux version of rar has certain problems This was similar for us but the rar file could be opened with winrar 3.62. Of course it is passworded and was passed through the mail server but secondary anti-virus software on the clients caught it. Regards James -- James Bourne | Email: [EMAIL PROTECTED] UNIX Systems Administration | WWW: http://www.hardrock.org Custom UNIX Programming | Linux: The choice of a GNU generation ---------------------------------------------------------------------- "All you need's an occasional kick in the philosophy." Frank Herbert _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
