James Bourne schrieb:
> On Wed, 25 Apr 2007, Christoph Cordes wrote:
>
>> Gary V schrieb:
>>> I received an email with a password protected .rar file that claims to
>>> contain an .exe file that I should run in ordrer to protect me from an
>>> undetected worm. I submitted it and it was recognized as
> ...
>
>> The file inside the archive is already detected. The rar archive is a
>> bit manipulated. The samples i checked so far can't be unpacked with
>> winrar for example, also the linux version of rar has certain problems
>
> This was similar for us but the rar file could be opened with winrar 3.62.
> Of course it is passworded and was passed through the mail server but
> secondary anti-virus software on the clients caught it.
>
I tried the 3.62 as well and got the same error. Do you still have the
file? If so - could you send it to me? Thank you.
--
Best regards,
Christoph mailto:ib@precompiled.de
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
(text/plain)