[Esd-l] Extensions with Trailer
Robert Wagner
rwagner at eruces.com
Tue May 27 10:18:30 PDT 2003
We have been seeing this more often.
Virus: WORM_PALYH.A
\Virus\Sample3ec8529a1.pif_
It appears that they system can capture anything with the pif extension, but
not pif_
MANGLE_EXTENSIONS='html?|exe|com|cmd|bat|pif|sc[rt]|lnk|dll|ocx|do[ct]|xl[sw
t]|p[po]t|rtf|vb[se]?|hta|p[lm]|sh[bs]|hlp\
|chm|eml|ws[cfh]|ad[ep]|jse?|md[abew]|ms[ip]|reg|as[dfx]|c[ip]l|pps|wm[avszd
]|vcf|nws|wsz|\{[-0-9a-f]+\}'
Is there a simple way to fix this?
More information about the esd-l
mailing list