Maren Leizaola wrote:
Noel Jones wrote:
At 02:36 AM 7/27/2006, Maren Leizaola wrote:
LibClamAV debug: Recognized ZIP file
LibClamAV debug: in scanzip()
OK, clam knows it's a zip file and starts the scanzip() routine.
LibClamAV debug: Zip: upiiwsat/qjflcanjes.dll, crc32: 0x822b7df8,
offset: 0, encrypted: 1, compressed: 1253, normal: 2004, method: 8,
ratio: 1 (max: 250)
LibClamAV debug: Small data (0 bytes)
LibClamAV debug: Zip: upiiwsat/, crc32: 0x0, offset: 1306,
encrypted: 0, compressed: 0, normal: 0, method: 0, ratio: 0 (max: 250)
LibClamAV debug: Zip: xqkioayseo.exe, crc32: 0xb3303819, offset:
1345, encrypted: 1, compressed: 83555, normal: 94126, method: 8,
ratio: 1 (max: 250)
Oops... encrypted: 1
Your zip files are encrypted. Clamav (or anything else) cannot test
files within an encrypted archive.
Yes, true, however the other server is able to detect that this is a
virus...
sorry I am wrong, this is same virus is not detected on the other
server. I must have had a virus arrive at the same time and got confused
on the other server on prior testing.
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
