Mon, 01 Mar 2004 at 09:06 GMT "Fajar A. Nugraha" <[EMAIL PROTECTED]> wrote
> Since the password is the same, hopefully it won't take virus db team > long to update the signature. > However what IF: > > - there's a new virus > - the virus just passes known (detected) worm, in a zip file > - the zip file is password-protected, and the password always changes > (random, included in email body), thus > - the zip file always changes. Creating signature from zip is > imposssible. > - ClamAV can't extract the real content. > Please forgive my ignorance, I have not used windows in a long time, but if the Zip-file is password protected, how can the virus spread? How does the user trying to extract the content know the password? Especially if it is a "random" password for each file? Rgds. Ola Thoresen ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
