Re: [clamav-users] ClamAV 0.105 release candidate

On 3/16/2022 12:35 PM, G.W. Haywood via clamav-users wrote: Hi there, On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via

Re: [clamav-users] ClamAV 0.105 release candidate

On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): Can’t use wget. Looks like "can't use

Re: [clamav-users] Problem installing ClamAV 104.1 on CentOS 7

On 12/6/2021 10:04 PM, Paul Kosinski wrote: On Mon, 6 Dec 2021 16:41:51 -0500 Bowie Bailey via clamav-users wrote: I followed the instructions to install the prerequisites and then went through the steps for the default build.  Everything went fine until I got to the last step. $ sudo cmake

[clamav-users] Problem installing ClamAV 104.1 on CentOS 7

I followed the instructions to install the prerequisites and then went through the steps for the default build.  Everything went fine until I got to the last step. $ sudo cmake --build . --target install sudo: cmake: command not found The instructions have me install cmake under my user

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Second Release Candidate is here!

On 8/20/2021 9:46 AM, Arjen de Korte via clamav-users wrote: Citeren "Joel Esler (jesler) via clamav-users" : https://blog.clamav.net/2021/08/clamav-01040-second-release-candidate.html ClamAV 0.104.0 Second

Re: [clamav-users] ClamAV 0.102.2 needs a "--without-systemd" option

On 4/20/2020 1:25 PM, Paul Kosinski via clamav-users wrote: > Andrew, > > Yeah, per your posting, I tried running 'configure' specifying > `--with-systemdsystemunitdir=no` and it seemed to be suppress the > systemd tie-in. (I didn't actually run 'make'.) > > It would be nice if this were

Re: [clamav-users] Error loading libfreshclam.so.2 with ClamAV 102.1

On 1/17/2020 2:34 PM, Micah Snyder (micasnyd) via clamav-users wrote: > If you run `sudo ldconfig` does that resolve the issue? Yes, it did! Thanks! -- Bowie ___ clamav-users mailing list clamav-users@lists.clamav.net

Re: [clamav-users] Error loading libfreshclam.so.2 with ClamAV 102.1

On 1/17/2020 1:39 PM, Matus UHLAR - fantomas wrote: >>> On 17.01.20 12:25, Bowie Bailey wrote: >>>> I just upgraded from ClamAV 101.4 to 102.1 on CentOS 7.4.  Clam runs fine >>>> (through >>>> avfilter for Courier), but when I run freshclam, I get a

Re: [clamav-users] Error loading libfreshclam.so.2 with ClamAV 102.1

On 1/17/2020 1:03 PM, Matus UHLAR - fantomas wrote: > On 17.01.20 12:25, Bowie Bailey wrote: >> I just upgraded from ClamAV 101.4 to 102.1 on CentOS 7.4.  Clam runs fine >> (through >> avfilter for Courier), but when I run freshclam, I get an error: >> >> # fr

[clamav-users] Error loading libfreshclam.so.2 with ClamAV 102.1

I just upgraded from ClamAV 101.4 to 102.1 on CentOS 7.4.  Clam runs fine (through avfilter for Courier), but when I run freshclam, I get an error: # freshclam freshclam: error while loading shared libraries: libfreshclam.so.2: cannot open shared object file: No such file or directory # ll

Re: [clamav-users] Port number

On 8/27/2019 1:23 AM, Alpesh Thakare via clamav-users wrote: > > Dear Team, > >   > > What is the port number used by ClamAV. > ClamAV defaults to listening on a Unix socket rather than a TCP port.  If you enable the TCP port, then the port number is set in the config file.  Take a look at

Re: [clamav-users] SecuriteInfo.com.Spam-12370

On 6/25/2019 3:16 AM, Arnaud Jacques wrote: > Hello Bowie, > > Le 24/06/2019 à 22:45, Bowie Bailey a écrit : >> Anyone else having issues with this signature?  It seems to decode to >> "yahoo.com". >> >> VIRUS NAME: SecuriteInfo.com.Spam-123

[clamav-users] SecuriteInfo.com.Spam-12370

Anyone else having issues with this signature?  It seems to decode to "yahoo.com".     VIRUS NAME: SecuriteInfo.com.Spam-12370     TARGET TYPE: MAIL     OFFSET: *     DECODED SIGNATURE:     yahoo.com It's been blocking a bunch of emails that were forwarded from my Yahoo account. I already

Re: [clamav-users] Updating multiple servers

On 4/4/2019 9:01 PM, Tim Hawkins wrote: > We have a large number of services running inside kubernetes that need to have > access to clamav,  given the sheer number, i dont want to have to run > freshclam > process on each virtual machine (container), due to the managemeht and > monitoring >

Re: [clamav-users] Slow reload

On 3/22/2019 10:54 AM, Bowie Bailey wrote: > > The only problem I have found is that > since my databases take so long to load, avfilter_sig times out when > reloading the > virus definitions.  Is there a way to increase the timeout for avfilter_sig? Nevermind.  I updated the

Re: [clamav-users] Slow reload

On 3/22/2019 6:58 AM, Alessandro Vesely via clamav-users wrote: > On Thu 21/Mar/2019 21:21:45 +0100 Bowie Bailey wrote: >> >> And here's the problem.  SecuriteInfo has their own Eicar signatures, so >> ClamAV found >> those first and not the one you were expec

Re: [clamav-users] Slow reload

On 3/21/2019 3:14 PM, Alessandro Vesely via clamav-users wrote: > On Thu 21/Mar/2019 15:05:59 +0100 Bowie Bailey wrote: >> $ pkg-config --atleast-version=0.101.0 libclamav --print-errors >> Package libclamav was not found in the pkg-config search path. >> Perhaps you sho

Re: [clamav-users] Slow reload

On 3/20/2019 3:53 PM, Bowie Bailey wrote: > On 3/20/2019 2:57 PM, Alessandro Vesely via clamav-users wrote: >> On Wed 20/Mar/2019 14:53:28 +0100 Bowie Bailey wrote: >> >>> On 3/20/2019 8:42 AM, Alessandro Vesely via clamav-users wrote: >>>> On Tue 19/Mar/20

Re: [clamav-users] Slow reload

On 3/20/2019 2:57 PM, Alessandro Vesely via clamav-users wrote: > On Wed 20/Mar/2019 14:53:28 +0100 Bowie Bailey wrote: > >> On 3/20/2019 8:42 AM, Alessandro Vesely via clamav-users wrote: >>> On Tue 19/Mar/2019 15:35:39 +0100 Bowie Bailey wrote: >>> >>>

Re: [clamav-users] Slow reload

On 3/20/2019 8:42 AM, Alessandro Vesely via clamav-users wrote: > On Tue 19/Mar/2019 15:35:39 +0100 Bowie Bailey wrote: > >> ClamAV is taking about 2 1/2 minutes to reload its database on my mail >> server.  This >> seems to frequently happen when we are sending an e

Re: [clamav-users] Slow reload

On 3/20/2019 2:57 AM, Arnaud Jacques wrote: > Hello Bowie, > >> I did a check on the SecuriteInfo signatures.  I grepped my clamd logs for >> hits on >> SecuriteInfo signatures and then matched them to the file they came from. >> >> #1 was spam_marketing.ndb with 110 hits >> #2 was javascript.ndb

Re: [clamav-users] Slow reload

On 3/19/2019 4:27 PM, Bowie Bailey wrote: > On 3/19/2019 10:44 AM, Arnaud Jacques wrote: >> Hello Bowie, >> >> Le 19/03/2019 à 15:35, Bowie Bailey a écrit : >>> ClamAV is taking about 2 1/2 minutes to reload its database on my mail >>> server.  This

Re: [clamav-users] Slow reload

On 3/19/2019 10:44 AM, Arnaud Jacques wrote: > Hello Bowie, > > Le 19/03/2019 à 15:35, Bowie Bailey a écrit : >> ClamAV is taking about 2 1/2 minutes to reload its database on my mail >> server.  This >> seems to frequently happen when we are sending an email, so th

[clamav-users] Slow reload

ClamAV is taking about 2 1/2 minutes to reload its database on my mail server.  This seems to frequently happen when we are sending an email, so the Thunderbird will time out on the send (although the message will frequently go through anyway). I do have a bunch of third party signatures

Re: [clamav-users] Any way to force scan as mail?

On 3/1/2017 1:00 PM, G.W. Haywood wrote: Hello again, On Wed, 1 Mar 2017, Carlos Velasco wrote: G.W. Haywood wrote: > Your conjecture is incorrect. Neither of those things is a properly > formed mail message. I'd describe them as jumbled up collections of > bits and pieces of things which

Re: [clamav-users] Understanding OLE2BlockMacros

On 8/25/2016 7:06 PM, Alex wrote: Hi, Try this: 1) Enable OLE2BlockMacros and restart clamd 2) Use clamdscan to test your sample message and note the results 3) Disable OLE2BlockMacros and restart clamd 4) Use clamdscan to test your sample message again and note these results Very

Re: [clamav-users] Understanding OLE2BlockMacros

On 8/25/2016 4:20 PM, Dennis Peterson wrote: On 8/25/16 1:10 PM, Bowie Bailey wrote: On 8/25/2016 3:10 PM, Steve Basford wrote: Try this: 1) Enable OLE2BlockMacros and restart clamd 2) Use clamdscan to test your sample message and note the results 3) Disable OLE2BlockMacros and restart clamd 4

Re: [clamav-users] Understanding OLE2BlockMacros

On 8/25/2016 3:10 PM, Steve Basford wrote: Try this: 1) Enable OLE2BlockMacros and restart clamd 2) Use clamdscan to test your sample message and note the results 3) Disable OLE2BlockMacros and restart clamd 4) Use clamdscan to test your sample message again and note these results Something

Re: [clamav-users] Understanding OLE2BlockMacros

On 8/25/2016 2:39 PM, Alex wrote: Hi, When this option is set to Yes, the emails are tagged, but even emails with macro virus attachments are forwarded on, not blocked problem is that you don't understand your mailsystem, clamd itself only hives back with signatures are hit and then the glue

Re: [clamav-users] Supported Operating Systems

install ClamAV to a server so that it is accessible via HTTP? Id like to do scans from http. Thanks, Joe On Jun 9, 2016, at 8:46 AM, Bowie Bailey <bowie_bai...@buc.com> wrote: On 6/9/2016 8:24 AM, Van Dalsen, Herbie wrote: Hi all, I would please like to know if clamav is supported on

Re: [clamav-users] Supported Operating Systems

On 6/9/2016 8:24 AM, Van Dalsen, Herbie wrote: Hi all, I would please like to know if clamav is supported on HP-UX, and where I can get the manuals to install on HP-UX. I haven't tried it on HP-UX, but ClamAV should be fairly easy to install on any standard Linux/Unix system. If there are

Re: [clamav-users] Structured.CreditCardNumber bounce

On 4/1/2016 11:48 AM, Rob McKennon wrote: On 04/01/2016 11:40 AM, Bowie Bailey wrote: On 4/1/2016 11:16 AM, Rob McKennon wrote: On 04/01/2016 11:01 AM, Vladislav Kurz wrote: On Friday 01 of April 2016 Rob McKennon <rmcken...@monetra.com> wrote: Hello, One of the reasons we use

Re: [clamav-users] Structured.CreditCardNumber bounce

On 4/1/2016 11:16 AM, Rob McKennon wrote: On 04/01/2016 11:01 AM, Vladislav Kurz wrote: On Friday 01 of April 2016 Rob McKennon wrote: Hello, One of the reasons we use clamav is to not accept emails with credit card numbers. And it works great to bounce the

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On 8/7/2015 6:30 PM, Gene Heskett wrote: On Friday 07 August 2015 16:58:09 Al Varnell wrote: Gene, It’s on the sanesecurity.net mirror sites, not the ones clamav.net provides, so freshclam isn’t going to find those. As Steve said earlier, you would have to install, configure and use the

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On 8/7/2015 9:20 AM, Gene Heskett wrote: On Friday 07 August 2015 04:46:31 Steve Basford wrote: Just in case it's useful... Original Message Subject: [sanesecurity] Hacking Team detection From:Steve Basford

Re: [clamav-users] gpg key

On 7/16/2015 7:33 PM, Joel Esler (jesler) wrote: On Jul 16, 2015, at 2:45 PM, Bowie Bailey bowie_bai...@buc.commailto:bowie_bai...@buc.com wrote: On 7/16/2015 1:30 PM, Al Varnell wrote: Start with the Documentation page for Upgrading ClamAV: http://www.clamav.net/doc/upgrade.html • How do I

[clamav-users] gpg key

Where can I find the gpg key for the clamav tarball? I've poked through the website and sourceforge and can't find it anywhere. -- Bowie ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq

Re: [clamav-users] gpg key

On Thu, Jul 16, 2015 at 08:21 AM, Bowie Bailey wrote: Where can I find the gpg key for the clamav tarball? I've poked through the website and sourceforge and can't find it anywhere. Wow. They certainly buried it well enough! You would think they would put a link on the download page

Re: [clamav-users] problem reading socket while updating database

On 7/7/2015 4:31 PM, Kris Deugau wrote: Jingo Administrator wrote: Already more than a week ago I posted my first question to the list. I must admit I'm a bit disappointed that nobody responds. Is it that I asked a silly question? Or is the issue just to hard to solve and just nobody wants to

Re: [clamav-users] problem reading socket while updating database

On 7/8/2015 11:11 AM, Jingo Administrator wrote: The system is a VIA PC3500G Motherboard with an onboard VIA Esther processor 1500MHz. So, indeed, nothing special or heavy, I know, although it's dedicated:-) . Scanning is not the bottleneck, reloading the database is. Before this server I had a

Re: [clamav-users] [Fwd: securiteinfo problems]

On 4/24/2015 6:29 AM, Cedric Knight wrote: 2) Is anyone else using the new SI system via freshclam willing to report on it? Thanks. I have been using it since it was announced in March. It seems to work fine. -- Bowie ___ Help us build a

Re: [clamav-users] Clamav on Debian

On 1/13/2015 10:17 AM, Richard Thibaudeau wrote: Hi everyone For at least two weeks I'm searching the Internet to find a solution to: root@debian:/# freshclam ERROR: Parse error at line 4: Unknown option LocalSocket ERROR: Can't open/parse the config file /etc/clamav/freshclam.conf I don't

Re: [clamav-users] Warning in ClamAV update process

On 9/11/2014 4:25 PM, Joel Esler (jesler) wrote: On Sep 11, 2014, at 7:15 AM, Gene Heskett ghesk...@wdtv.commailto:ghesk...@wdtv.com wrote: On Thursday 11 September 2014 05:10:52 Tommy Berglund did opine And Gene did reply: Den 2014-09-11 09:59, Al Varnell skrev: On Thu, Sep 11, 2014 at 12:27

Re: [clamav-users] Bad detection rate

On 6/24/2014 9:53 AM, Walter Bürger wrote: Hi dear ClamAV team, I submitted the same file as yesterday to virustotal.com: Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe (MD5 ad690be247dda635781e20887fcac0e7) 30 out of 54 scanners detected a virus (NOD32 named it

Re: [clamav-users] reported before, makes no sense

On 5/16/2014 6:39 AM, Steve Basford wrote: -rw-r--r-- 1 clamav adm 5958972 2013-05-03 07:51 junk.ndb That's a bit out of date ;) -rw-r--r-- 1 clamav adm 567741 2013-05-04 01:48 mbl.ndb JUST NUKED I'll see if the one I just nuked comes back. Yep, that'll be the one to watch out

Re: [clamav-users] reported before, makes no sense

On 5/16/2014 9:52 AM, Kris Deugau wrote: Bowie Bailey wrote: I highly recommend the Sanesecurity signatures. They catch much more than the stock signatures. They also catch spam, scam, phishing, and other misc junk emails. I haven't had any problems with false positives. Here's

Re: [clamav-users] Version 0.98.3 hard loops on clamdscan -V

On 5/9/2014 7:41 PM, Dennis Peterson wrote: On 5/9/14, 7:33 AM, Bowie Bailey wrote: On 5/8/2014 10:35 PM, Eric Shubert wrote: [root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$ Inefficiency bugs me... You can do multiple patterns with a single grep using the -e flag. grep -v -e ^# -e

Re: [clamav-users] Version 0.98.3 hard loops on clamdscan -V

On 5/8/2014 10:35 PM, Eric Shubert wrote: [root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$ Inefficiency bugs me... You can do multiple patterns with a single grep using the -e flag. grep -v -e ^# -e ^$ clamd.conf -- Bowie ___ Help us

Re: [clamav-users] clamav stops boot

On 5/2/2014 11:21 AM, Alain Zidouemba wrote: The ClamAV engine won't update itself automatically. You will have to manually perform that operation. The latest version of ClamAV (version 0.98.1) can be downloaded here: http://www.clamav.net/lang/en/download/sources/ Or, if ClamAV was installed

Re: [clamav-users] clamav stops boot

On 5/2/2014 12:16 PM, Greg Mueller wrote: I can't get to anything yet. It won't go past the out of date adviso It has to be something else causing the hang. That notice is just a warning message and should not affect the boot process. Have you tried booting into single user mode? I don't

Re: [clamav-users] clamav stops boot

On 5/2/2014 12:32 PM, Greg Mueller wrote: I found a selection in the GRUB page that is for recovery (it says) so I'm trying various options from that. CTR-C didn't work nor CTRL-Q If it's using Grub to boot, then you should be able to get to single user mode by editing the grub boot

Re: [clamav-users] Generating a positive?

On 4/21/2014 3:12 PM, Dave Shevett wrote: Hi everyone - we have clamav now running happily via cron job and integrated with puppet. Problem is I want to have it successfully find something so I can test our notification mechanism. Infect one of my servers seems a big gruesome. Is there an

Re: [clamav-users] filename ignore uppercase

On 9/17/2013 3:47 PM, Douglas Goddard wrote: On Tue, Sep 17, 2013 at 3:05 PM, Alejandro Rodriguez arodrig...@b2ec.netwrote: How I can ignore uppercase in a filename. Right now i´m using foxhole_all.cdb to block .exe files inside .zip archives However if the zip contain archive.EXE (in

Re: [clamav-users] Virus pattern grammar license

On 6/13/2013 5:50 AM, Yoon-Chan Jhi wrote: Hello, I am wondering if anyone can give me an answer on this. What is the license for ClamAV's virus signature grammar? I know the official CVDs are GPL, but I have not found anything about the grammar(i.e., the use of the symbols such as *, (, ), [,

Re: [clamav-users] ClamAV Yum Repositories

On 5/16/2013 12:03 PM, Bob Cohen wrote: Hi Folks, My server runs CentOS 5.x and I use yum to keep it updated. For a few weeks, LogWatch has been complaining that my install is not current. Is there a better yum repository for keeping my install current? In order for us to tell you about a

[clamav-users] New key?

ClamAV 0.97.8 is apparently being signed with a new key. Where can I find the new gpg key? -- Bowie ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [clamav-users] New key?

On 4/25/2013 12:21 PM, Nigel Houghton wrote: On Apr 25, 2013, at 11:23 AM, Bowie Bailey bowie_bai...@buc.com wrote: ClamAV 0.97.8 is apparently being signed with a new key. Where can I find the new gpg key? http://pgp.mit.edu:11371/pks/lookup?search=Sourcefire+VRTop=index Perfect

[clamav-users] ClamAV 0.97.7 available?

Freshclam is complaining that my engine is outdated and I should be using 0.97.7. However, the website still lists 0.97.6 as current. Is this a problem with Freshclam/DNS or do I just need to wait for the website to catch up? -- Bowie ___ Help us

Re: [clamav-users] ClamAV 0.97.7 available?

On 3/14/2013 2:54 PM, Al Varnell wrote: On 3/14/13 11:38 AM, Bowie Bailey wrote: Freshclam is complaining that my engine is outdated and I should be using 0.97.7. However, the website still lists 0.97.6 as current. Is this a problem with Freshclam/DNS or do I just need to wait

Re: [clamav-users] ClamAV 0.97.7 available?

On 3/14/2013 3:38 PM, Al Varnell wrote: On 3/14/13 12:29 PM, Bowie Bailey wrote: On 3/14/2013 2:54 PM, Al Varnell wrote: On 3/14/13 11:38 AM, Bowie Bailey wrote: Freshclam is complaining that my engine is outdated and I should be using 0.97.7. However, the website still lists 0.97.6

Re: [clamav-users] Incremental Update Warnings

On 1/7/2013 3:50 PM, Al Varnell wrote: I'm sure this is due to the large increases over the past month or so of new signatures being posted, but several ClamXav users are reporting seeing update sessions similar to the following on a frequent basis. Fri Dec 28 13:12:19 2012 - ClamAV update

Re: [clamav-users] Incremental Update Warnings

On 1/7/2013 4:38 PM, Tom Judge wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1/7/13 4:26 PM, Bowie Bailey wrote: SNIP Interesting. I took a look at my freshclam logs and I am seeing this kind of thing about once a day as well. In my case, it seems to be a temporary problem

Re: [clamav-users] RES: Block files type inside attached files

On 12/7/2012 3:01 PM, Ronaldo Luiz de Carvalho wrote: Sorry, I don't explain very well what I'm trying to do I have a CentOS server running ClamAV. When the server receive e-mails with attached files, some files attached has inside files with extension .cmd, .bat, .cpl and others. My doubt is

Re: [clamav-users] [Clamav-users] clamav no timestamp in the logs

On 12/6/2012 7:28 AM, franckm wrote: With clamdscan, it still does not show timestamps (see below) The default config (/etc/clamd.conf) is to no show LogTimes. I have changed that (LogTime yes). Is there anything I need to do after having changed the clamd config? Restart clamd.

Re: [clamav-users] [Clamav-users] clamav no timestamp in the logs

On 12/6/2012 10:43 AM, franckm wrote: Ok I've done that. LogTimes are shown (in a weird datetime format) but the file that I've just scanned is not listed at all: clamdscan /tmp/clamscan-franck-test/clamscan-franck-testclamscan-man.txt

Re: [clamav-users] [Clamav-users] clamav no timestamp in the logs

On 12/6/2012 11:25 AM, franckm wrote: Bowie Bailey wrote: On 12/6/2012 10:43 AM, franckm wrote: Ok I've done that. LogTimes are shown (in a weird datetime format) but the file that I've just scanned is not listed at all: clamdscan /tmp/clamscan-franck-test/clamscan-franck-testclamscan

Re: [clamav-users] Enabling stats in ClamAV

On 10/3/2012 11:40 AM, Bryan Burke wrote: So, the page http://www.clamav.net/lang/en/faq/faq-cctts/stats-howto/ mentions having the LogFile directive filled out, but I use the syslog interface for logging (to the LOG_MAIL facility). So, my question is... can I point frechclam somehow at the

[clamav-users] Personal stats webpage

I posted this a few days ago with no response. I think it got lost in the mailing list etiquette discussion. Original post: Now that I have the submission working, I took a look at the personal stats page (www.stats.clamav.net). I see a graph of some data here, but I'm not sure how to read

Re: [clamav-users] Personal stats webpage

On 9/25/2012 11:45 AM, Joel Esler wrote: I'm sorry I didn't respond. We are working on your request and I'll have one of the guys get back to you. Thanks for your patience. No problem. Since the original thread devolved into an etiquette discussion, I wanted to re-post in case the

Re: [clamav-users] ClamAV® : ClamAV Stats, we need more of them, we need your help

On 9/21/2012 4:35 AM, Al Varnell wrote: On 9/20/12 9:12 AM, Bowie Bailey bowie_bai...@buc.com wrote: On 9/18/2012 6:24 PM, Joel Esler wrote: http://blog.clamav.net/2012/09/clamav-stats-we-need-more-of-them-we.html ClamAV Stats, we need more of them, we need your help We've been working

Re: [clamav-users] ClamAV® : ClamAV Stats, we need more of them, we need your help

Now that I have the submission working, I took a look at the personal stats page (www.stats.clamav.net). I see a graph of some data here, but I'm not sure how to read it. There is a bar chart with four bars. The numbers on the bars are 5, 1, 4, 2. When I hover over the bars, I get 19, 21,

Re: [clamav-users] How to remove infected files after scanning with Clamd ??

On 9/21/2012 11:29 AM, Siranjeevi wrote: Clamdscan is client which runs on Clamd thread know. I am asking, Is there any option to delete the infected file..?? I want use daemon process to do this for my mail attachments. Keep in mind that mail attachments are not normal files. When you are

Re: [clamav-users] ClamAV®: ClamAV Stats, we need more of them, we need your help

On 9/18/2012 6:24 PM, Joel Esler wrote: http://blog.clamav.net/2012/09/clamav-stats-we-need-more-of-them-we.html ClamAV Stats, we need more of them, we need your help We've been working pretty hard behind the scenes over here on ClamAV, its backend infrastructure, and moving the codebase as

Re: [clamav-users] What is the maximum file size ClamAV supports ??

On 9/17/2012 5:20 AM, Siranjeevi wrote: Sure. I have given full permission to that file.. like -rwxrwxrwx 1 root root 261638 Nov 11 2010 xrdp-0.4.0-1.el6.rf.x86_64.rpm But still i am getting the same error. I couldn't find out the exact reason. Check the permissions of the directory.

Re: [clamav-users] Many false positives: MBL_312128 / MBL_303159

On 8/7/2012 2:46 PM, Matt Olney wrote: We've heard similar complaints on IRC. It looks like downloads may be broken from MBL. You'll have to work with them to address the issue. My last download was 3 hours ago. I don't see a problem from here. Also, I do not see the problematic rules in

[clamav-users] ClamAV 0.97.5 download

I see that the text on the download page of the website has changed to 0.97.5, but the link still goes to an 0.97.4 download file. -- Bowie ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [clamav-users] Help to download ClamAV 0.97.5

On 6/15/2012 10:59 AM, gene heskett wrote: On Friday, June 15, 2012 10:44:29 AM Matt Olney did opine: We're having some trouble with our freshmeat account. You can download the latest here, until we get it fixed up: https://sourceforge.net/projects/clamav/files/ I downloaded this, removed

Re: [clamav-users] Basic newbie question

On 5/4/2012 10:39 AM, Mr. Eddie Jackson wrote: Please answer this simple basic newbie webmaster question. I have spent hous and read the entire clamav manual and it is not answered. I simply need to know if clamav deletes or quarantines viruses it finds in a default debian squeeze apache2

Re: [clamav-users] CentOS 5.6 and clamav 0.97.4

On 4/12/2012 4:56 PM, Trixi D. Bubemyre wrote: Is clamav 0.97.4 supported for CentOS 5.6? I do not find it listed among the supported linux platforms. ClamAV should run on just about any recent version of CentOS. I'm running one on a CentOS 4.9 system (compiled from source) and another on

Re: [clamav-users] My outdated Clam.

On 3/7/2012 2:25 PM, Steve Kirkby wrote: Following Edwin's reply (and thanks for that) I visited the clamav.net site. I downloaded the ClamAV 0.97.3 install guide. It consists of 17 pages of highly technical instructions which are so beyond me that I could not even think of doing anything

Re: [clamav-users] false positives with MBL_207346?

On 2/22/2012 1:00 PM, John Madden wrote: Oh, and I now realize that this is outside of freshclam's control, being a sanesecurity signature. I removed the mbl.db and disabled that cronjob until we sort this out... On 02/22/2012 12:51 PM, John Madden wrote: I wasn't able to receive my own

Re: [clamav-users] Heuristics.OLE2.ContainsMacros false positive

On 1/25/2012 9:48 AM, [Cardiff] Tugdual de LASSAT wrote: Hello the list.. I have a problem, i wish to submit to your review... We run 4 years discontinuating, an Exim+Clamav mail server solution that ran smoothly to our needs, until recent internal false positive has been signaled... One

Re: [clamav-users] Heuristics.OLE2.ContainsMacros false positive

On 1/25/2012 11:02 AM, [Cardiff] Tugdual de LASSAT wrote: That one is good: I do get : clamdscan selsia.ppt /root/selsia.ppt: Heuristics.OLE2.ContainsMacros FOUND --- SCAN SUMMARY --- Infected files: 1 Time: 0.001 sec (0 m 0 s) So I must admit there is a problem in

Re: [clamav-users] clamav can't access socket file

On 12/6/2011 7:31 AM, Tim Dunphy wrote: Hi Ged and thank you for your reply. The error message doesn't say that permission was denied, it says that the connection was refused. That means that nothing is listening on the socket. Maybe the daemon died? Good question. Although I checked the

Re: [clamav-users] New user

On 12/1/2011 7:02 PM, pushpa gouder wrote: I have passed those arguments to clamd and put eicar.txt.com virus in that SCAN folder. Nothing happened. But If I use clamsan/clamdscan on command line it finds it. #clamd -h Clam AntiVirus Daemon 0.97.2 By The

Re: [clamav-users] New user

On 12/1/2011 10:53 AM, pushpa gouder wrote: Thanks a lot, very helpful!. I have been researching about this for quite a while now, If 'clamd' daemon does not scan anything why do they even have options like SCAN MULTISCAN INSTREAM...etc in its man page, I am just curious. Those are commands

Re: [clamav-users] Scan files by date

On 10/10/2011 5:28 AM, Matus UHLAR - fantomas wrote: On 9/30/2011 10:56 PM, Nathan Gibbs wrote: clamscan itself isn't that smart, but if you are using unix, find could feed a list of things to clamscan. On 03.10.11 11:34, Bowie Bailey wrote: Just keep in mind that it is quite easy

Re: [clamav-users] Scan files by date

On 9/30/2011 10:56 PM, Nathan Gibbs wrote: On 9/30/2011 9:37 PM, Rohler, Brian L wrote: I have a large number of files (9TB) with over a million files and thousands of directories. I would like to scan the group one time so I have a good baseline. After that I would like to scan files that

Re: [clamav-users] Obfuscated IP address.

On 9/19/2011 11:46 AM, Michael Orlitzky wrote: A hostname cannot be all digits and except when the IP is used there will be a TLD, so if you see a pattern such as http:// 123456789/ cgi-bin/innocent_code.pl (Ignore the spaces they are there to let this post slip by most antispam

Re: [clamav-users] Obfuscated IP address.

On 9/19/2011 12:16 PM, Michael Orlitzky wrote: On 09/19/11 12:04, Bowie Bailey wrote: He is not trying to match the IP address. He is trying to match an unusual way of presenting the IP address that seems to occur primarily in spam. Whether this is something that should be done in ClamAV

Re: [clamav-users] Obfuscated IP address.

On 9/19/2011 12:46 PM, Bernd Petrovitsch wrote: On Mon, 2011-09-19 at 12:40 -0400, Bowie Bailey wrote: On 9/19/2011 12:16 PM, Michael Orlitzky wrote: On 09/19/11 12:04, Bowie Bailey wrote: He is not trying to match the IP address. He is trying to match an unusual way of presenting the IP

Re: [clamav-users] Yet Another US Mirror Issue

On 9/14/2011 3:29 AM, sys...@ra-schaal.de wrote: i´ll have at look. but i´m moving until september to a new server with much bandwith (20 TB/month) and a better performance. maybe i can setup the mirror on this system on weekend. if you can´t connect to 88.198.67.125, you should fall back

Re: [clamav-users] Yet Another US Mirror Issue

On 9/13/2011 1:18 PM, sys...@ra-schaal.de wrote: Am 13.09.2011 18:01, schrieb Al Varnell: On Sep 13, 2011, at 8:15 AM, Dan dantear...@gmail.com wrote: Yet more failure on 88.198.67.125, this morning. This one is a double. I was going to wait a few more days to mention this, but since you

Re: [clamav-users] Access has been denied page

On 4/14/2011 9:31 AM, Antonio Pereira wrote: Hello, I have tried this again today and am getting this message still. Do I need to do something on my system so it does not filter this? -Original Message- From: clamav-users-boun...@lists.clamav.net

Re: [clamav-users] Access has been denied page

On 4/14/2011 9:49 AM, Antonio Pereira wrote: Thanks I ad put in MBL_200562.UNOFFICIAL instead of MBL_200562 I reloaded clamav and now it works. I would have done the same thing if I hadn't looked at the Sanesecurity file first. I think UNOFFICIAL is just a tag that is added onto the

Re: [clamav-users] Improving Scan Speeds on OS X.4.11

On 3/16/2011 10:24 AM, Russ Tyndall wrote: On Mar 15, 2011, at 4:51 PM, Chuck Swiger wrote: One thing you might consider doing is using find /location -mtime 1 to generate a list of which files have been modified over the past day, and only scanning these via clamdscan -f. I experimented

Re: [clamav-users] daily database broken again

On 2/28/2011 10:03 AM, Royce Williams wrote: For future-proofing purposes, would it be feasible to enable optionally tagging a signature with its minimum supported ClamAV version? In other words, the entry is tagged with min 0.98.2, and if you're running 0.98.1, it ignores it, but complains

Re: [clamav-users] daily database broken again

On 2/28/2011 12:17 PM, Royce Williams wrote: On Mon, Feb 28, 2011 at 7:39 AM, Bowie Bailey bowie_bai...@buc.com wrote: ClamAV 0.96 was released in April of 2010. How much time do you need to schedule an upgrade? If my servers were still running an old version a month after an update, I would

Re: [clamav-users] Immunet 3.0 powered by ClamAV

On 2/20/2011 12:49 PM, Török Edwin wrote: On 2011-02-19 19:59, Barry Cisna wrote: Hello All, Been using Clamav and Clamwin in our school enviornment for many years now. We run into from time to time viruses that get hanged onto our lan from kids dragging in stuff that shouldn't be there,on

Re: [clamav-users] Immunet 3.0 powered by ClamAV

On 2/22/2011 1:01 PM, Török Edwin wrote: On 2011-02-22 19:50, Bowie Bailey wrote: Will it upgrade ClamAV for Windows 2.0, or do I need to uninstall that version first? I think that the upgrade should work, if you launch the installer for 3.0 manually (which you can find on the about/win32

  1   2   >