Update on ClamAV Got the "freshclam" updater working. Pretty simple actually. Just browse one of the mirrors for the db updates - see http://www.clamav.net/mirrors.html for a list -
Pick one of them - say - http://clamav.sonic.net/database/ - download the .md5 files to your virus db folder (eg c:\clamav-devel\share\clamav\ ) I got all of them while I was there just in case. Then go to c:\clamav-devel\bin and run freshclam from cmd line and it should update. See freshclam --help for more. You can run it as a daemon if you stay logged on otherwise you'll have to do something different. There is a .conf file. Results are pretty decent for me once I got the virus db updated. Basically ClamAv is catching everything so far that f-prot is catching. Log snippet at end - although this is pretty light day. Where NAI is not indicating a virus and the other 2 are I think the attachments may be corrupted but haven't verified that. You can create our own virus signatures, too. If you don't want to wait on someone else. There is also a web page to report viruses: http://www.nervous.it/~nervous/cgi-bin/sendvirus.cgi Pretty nice really for "free" and an additional scanner. Only real disadvantage I see is the virus name and that's not too significant. Terry Fritts Log Snippet: =================================================================== 13:10:24 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 13:10:25 Scanner 2: Virus= the W32/[EMAIL PROTECTED] virus 13:10:26 Scanner #3 detected a virus 13:55:08 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 13:55:09 Scanner 2: Virus= the W32/[EMAIL PROTECTED] 13:55:10 Scanner #3 detected a virus 13:55:59 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 13:56:00 Scanner 2: Virus= the W32/[EMAIL PROTECTED] 13:56:01 Scanner #3 detected a virus 13:57:13 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 13:57:15 Scanner #3 detected a virus 14:20:08 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:20:08 Scanner 2: Virus= the W32/[EMAIL PROTECTED] 14:20:10 Scanner #3 detected a virus 14:34:57 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:34:58 Scanner 2: Virus= the W32/[EMAIL PROTECTED] 14:34:59 Scanner #3 detected a virus 14:51:10 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:51:12 Scanner #3 detected a virus 14:51:55 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:51:58 Scanner #3 detected a virus 14:52:50 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:52:52 Scanner #3 detected a virus 14:52:58 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:53:00 Scanner #3 detected a virus 14:53:36 Scanner 1: Virus=: W32/[EMAIL PROTECTED] 14:53:38 Scanner #3 detected a virus =================================================================== --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
