At 11:32 PM 7/10/02 -0700, you wrote: >============== > mailman-2.1b2.tgz > ArchiveType: GZ > --> mailman-2.1b2.tar > Contains code of W32/Nimda.eml >============== > >Someone please put my mind at ease. Is this a false virus find? >Before testing the beta (2 mo's ago) I checked with symantec -- No virus. >With AntiVir (current personal release) the above Nimda virus is 'found'. >I do not remember the mirror on ><http://sourceforge.net/project/showfiles.php>http://sourceforge.net/project/showfiles.php > >used but I believe it to be the same as Virginia, North America or >telia.dl.sourceforge.net_sourceforge ... > >I repeated the virgina download and rescanned .. same 'virus' code found... > >should I be concerned? >
There's an inactive piece of a nimda file in one of the test files, not even complete, it's just the mime wrapper that a nimda once came, in, with the payload replaced by XXXXX; apparently it's just enough to trigger *that* scanner, but the other scanners realize that it's not the same file. Your scanner is operating on a *really* narrow pattern, since there's no payload in the note, it has to be picking up either the subject of the message in the test file, or the filename of the fake mime attachment... ------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
