James Bourne schrieb: > On Wed, 25 Apr 2007, Christoph Cordes wrote: > >> Gary V schrieb: >>> I received an email with a password protected .rar file that claims to >>> contain an .exe file that I should run in ordrer to protect me from an >>> undetected worm. I submitted it and it was recognized as > ... > >> The file inside the archive is already detected. The rar archive is a >> bit manipulated. The samples i checked so far can't be unpacked with >> winrar for example, also the linux version of rar has certain problems > > This was similar for us but the rar file could be opened with winrar 3.62. > Of course it is passworded and was passed through the mail server but > secondary anti-virus software on the clients caught it. >
I tried the 3.62 as well and got the same error. Do you still have the file? If so - could you send it to me? Thank you. -- Best regards, Christoph mailto:[EMAIL PROTECTED] _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
