On Tue, 02 Mar 2004 at 4:14:52 -0800, [EMAIL PROTECTED] wrote: > > > Worm.Bagle.H found in unzipped file. It\'s impossible > > to create signature of encrypted zip file. > > This new infection method is likely to drive us nuts. This is the > password-less workaround I've come up with and your input is appreciated. > The unix unzip output looks like so: [...] > 21150 Stored 21150 0% 03-01-04 19:33 7ac0095f hifrm.scr [...] > Fortunately we can get the file crc w/o actually extracting the file. [...]
It gives nothing as copies of Worm.Bagle.H (and previous variants also) vary in their contents and even sizes. So checksums are different. -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. [EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users