On Tue, 2005-03-22 at 18:31, John Hinton wrote: > John Hinton wrote: > > > In the last couple of weeks, I'm getting reports from users that > > Norton is reporting W32.Netsky.P making it through from my servers. > > I'm configured right, have the latest db updates. I'm wondering if > > this is another of Norton's reporting of 'broken' viruses? I searched > > the list and only could find data from 2004. > > > > I do know that these are appearing as at least .pif and .jpg extensions. > > > > Sorry, but I don't have one of these messages to send to the clam > > report virus system. > > > > Seems all other viruses are being handled by Clam on these machines. > > > Meanwhile.... if I could interupt the regularly posted AV/Phishing > thread.... :) And yes, I have had to bite my fingers on that one. > > Have I missed something here? Did I ask the wrong question? Did I not > provide clear or enough information? Am I on the wrong list? > > Basically, all I'm trying to find out. > > Norton is detecting W32.Netsky.P in Clamscanned email coming from my > servers. > > ClamAV is not catching it. > > ClamAV seems to be working fine in all other areas on other viruses. > Virus DBs are updated. > (ClamAV 0.83/779/Tue Mar 22 07:34:41 2005 signatures) > > Does anyone know why? > > Thanks for any help or direction for where I should go to find help.
Without the samples, which you said you can't get hold of, it's difficult to help. > Best, > John Hinton -Nigel Horne _______________________________________________ http://lurker.clamav.net/list/clamav-users.html