>
>
>
> > grep clam /etc/passwd
> > clamilt:x:989:985:Clamav Milter User:/var/run/clamav-milter:/sbin/nologin
> > clamav:x:985:981::/var/run/clamav:/sbin/nologin
> > clamupdate:x:983:979:Clamav database update
> user:/var/lib/clamav:/sbin/nologin
> > clamscan:x:982:978:Clamav scanner user:/:/sbin/n
Hi there,
On Mon, 12 Jul 2021, Robert Kudyba wrote:
ls -l / | grep var
...
drwxr-xr-x. 23 root root4096 Jan 11 14:49 var
...
ls -l /var | grep lib
drwxr-xr-x. 95 root root 4096 Mar 20 08:00 lib
OK (assuming that you're *really* not using SELinux nor anything like it).
... /var/log/clam
>
> I asked about the permissions on the directories, not on files. In
> your 'find' command there you specifically limit the search to files
> and not directories with "-type f". See 'man find' for more (but IMO
> 'find' is a bit like a cornered rat and I'm starting to think it might
> not be th
Hi there,
On Mon, 12 Jul 2021, Michael Wang via clamav-users wrote:
I run ClamAV on windows using the latest portable installation with all
default configuration.
What version of ClamAV, and where did it come from?
I run the task scheduler under the SYSTEM user with the highest
credentials
Hello again,
On Mon, 12 Jul 2021, Robert Kudyba wrote:
... I'm not comfortable with hacking the shell script.
Fair enough. In any case now it looks to me less likely that it's the
shell script that's causing the issue (because you said in your last
mail that just three files showed incorrect
In all likelihood, it means that a GET or POST payload contained the
signature. Whether or not the request containing the signature was
successful in injecting it into your site is a question that only you will
be able to answer.
You can use sigtool to find the signature and again to decode the si
Clamscan detested a virus in Microsoft Internet Information Services 8.5
log file:
*C:\inetpub\logs\LogFiles\W3SVC1\u_exNN.log: Php.Trojan.MSShellcode-81
> FOUND*
>
I looked at the file manually, it consists of comments and GET and POST
messages. How do I determine if this is a real or false
Hello all ClamAV users:
I run ClamAV on windows using the latest portable installation with all
default configuration. I run the task scheduler under the SYSTEM user with
the highest credentials checked, but I still have lots of permission denied
messages.
I logged in locally and checked one of t
>
> >> ... next time it happens I can try some of these:
> >>> ...
> >>
> >> ... put some logging in place before it does, so you get as precise a
> >> timeline as you can.
> >
> > Indeed and here we are 9 months later and the problem is back. I can see
> > this happened after Jul 3 at 4:22 AM:
> >
Hi there,
On Sun, 11 Jul 2021, Robert Kudyba wrote:
On Sat, 10 Oct 2020, G.W. Haywood wrote:
On Sat, 10 Oct 2020, Robert Kudyba wrote:
... next time it happens I can try some of these:
...
... put some logging in place before it does, so you get as precise a
timeline as you can.
Indeed an
10 matches
Mail list logo