Hey Thomas,
this happens sometimes, by unknown reasons and ClamAV can't prevent it.
Maybe interesting for you:
https://blog.clamav.net/2021/03/clamav-cvds-cdiffs-and-magic-behind.html
BTW: in your freshclam.log you can find follow: "We revieve an older daily.CVD file
then advertised,
Hello,
I've two equal system, but today I saw that on server 1 there is a
daily.cld (202299904 Bytes) and on server 2 a daily.cvd instead
(63677565 Bytes). On both servers I see the message "daily... database
is up-to-date".
Server 1
ls -al /var/lib/clamav/daily.cld
-rw-r--r-
>
> Is it possible to configure clamav, so it rejects or marks files as virus
> just based on their file extension?
>
When it processes data from milter. Maybe someone has experience with this? I
have the impression from these pages that somewhere filenames are available
within
Is it possible to configure clamav, so it rejects or marks files as virus just
based on their file extension?
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build
nonlocal_bind = 0
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
running on it) has to be local, hence
CONTSCAN.
What does "sysctl net.ipv4.ip_nonlocal_bind" say?
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us b
>>>> This is what I see from the strace:
>>>>
>>>> sendto(3, "zCONTSCAN /etc/gshadow\0", 23, 0, NULL, 0) = 23
>>>That's interesting. Does the client machine access clamav-central via a
>>>local proxy? Or more precisely, does the exe
That's interesting. Does the client machine access clamav-central via a local proxy? Or
more precisely, does the exemplary TCPAddr "clamav-central.company.com" resolve
to an IP-address that the client machine uses on one of its interfaces?
No, it's a direct connection. In both str
>> This is what I see from the strace:
>>
>> sendto(3, "zCONTSCAN /etc/gshadow\0", 23, 0, NULL, 0) = 23
>That's interesting. Does the client machine access clamav-central via a local
>proxy? Or more precisely, does the exemplary TCPAddr
>"clamav-cen
This is what I see from the strace:
sendto(3, "zCONTSCAN /etc/gshadow\0", 23, 0, NULL, 0) = 23
That's interesting. Does the client machine access clamav-central via a
local proxy? Or more precisely, does the exemplary TCPAddr
"clamav-central.company.com" reso
>>>>We have a central clamav server that does all of the actual scanning
>>>You mean a remote one from clamdscan's perspective, queried via "TCPAddr
>>>..."?
>>Correct.
>>
>>TCPSocket 3310
>>TCPAddr clamav-central.company.com
>m
We have a central clamav server that does all of the actual scanning
You mean a remote one from clamdscan's perspective, queried via "TCPAddr ..."?
Correct.
TCPSocket 3310
TCPAddr clamav-central.company.com
man clamdscan:
--fdpass
... Only available if connected to clamd
>> We have a central clamav server that does all of the actual scanning
>
>You mean a remote one from clamdscan's perspective, queried via "TCPAddr ..."?
Correct.
TCPSocket 3310
TCPAddr clamav-central.company.com
_______
Manage you
On 17 May 2024 13:26:27 Julia Korhonen via clamav-users
wrote:
Upon running command curl http://database.clamav.net, I received a message
indicating that my access was blocked. However, upon reviewing my network
settings and conducting diagnostic tests, I could not find any explicit
to your
prompt response.
Sincerely,
Julia
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav
We have a central clamav server that does all of the actual scanning
You mean a remote one from clamdscan's perspective, queried via "TCPAddr ..."?
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.n
have a central clamav server that does all of the actual scanning. I've
found that if I replace "--fdpass" with "--stream" the error goes away, however
the documentation states that this should only be used for testing and
debugging. When using a central server should
Hi,
No, it's not an issue if it's not present. We added it to the output so that
when people are blocked, and ask us why, it should already be in the output,
and save us the step of asking for it.
Thanks,
Andy
From: clamav-users on behalf of Ralf
Hildebrandt
* Micah Snyder (micasnyd) via clamav-users :
> The ClamAV 1.4.0 release candidate is now available.
I upgraded today and got a log message I've never seen before:
Mon May 13 17:18:37 2024 -> WARNING: Last cf-ray not present in freshclam.dat.
Mon May 13 17:18:37 2024 -> freshclam daemon
Submit them to http://www.clamav.net/reports/fp.
Sent from my iPad
-Al-
> On May 11, 2024, at 08:07, Richard via clamav-users
> wrote:
>
>
> I run clamav on linux, but I also have windows 7 installed.
> I mounted the windows partition and ran a clamav scan,
> whic
> >
> > I run clamav on linux, but I also have windows 7 installed.
> > I mounted the windows partition and ran a clamav scan,
> > which found the following viruses:
> >
> > /mnt/windows/Windows/System32/cliconfg.exe: Win.Virus.Expiro-9965977-0
> >
>
> I run clamav on linux, but I also have windows 7 installed.
> I mounted the windows partition and ran a clamav scan,
> which found the following viruses:
>
> /mnt/windows/Windows/System32/cliconfg.exe: Win.Virus.Expiro-9965977-0
> /mnt/windows/Windows/System32/spool/too
I run clamav on linux, but I also have windows 7 installed.
I mounted the windows partition and ran a clamav scan,
which found the following viruses:
/mnt/windows/Windows/System32/cliconfg.exe: Win.Virus.Expiro-9965977-0
/mnt/windows/Windows/System32/spool/tools/PrintBrmEngine.exe
in a
'resource busy' condition.
I reinstalled openssl-1.0.2.2102 clean and then updated/upgraded to
openssl-1.1.2.2200 so I could install dnf so I can install clamav-0.103.11 -
mean upgrade to - ...
So now - of course - the install/upgrade of dnf via dnf_aixtoolbox.sh fails
thusly
Hi Martin,
Duh-ohh - been working to long to forget or maybe I just learned to forget - I
got this project 3rd hand - "install clamav-0.103 because clamav-0.102 cant
access the virus DB."
So like a talking monkey I just kept trying to do just that. Even though I knew
clamav
Read this online at:
https://blog.clamav.net/2024/05/clamav-140-release-candidate-now.html
The ClamAV 1.4.0 release candidate is now available.
You may find the source code and installers for this release on the
clamav.net/downloads<https://www.clamav.net/downloads> page or the ClamAV
Hi Brendan,
if You have a clean YUM repository already in place, then just type “sudo yum
install clamav”. This will do the trick (if sudo is implemented correctly for
Your user. If not, switch to root instead).
But if You don’t have a working yum environment, You might think about
rpm but also generates a list
of sub dependencies. Yum probably does but I don't know the command well enough.
clamav-1:0.103.11-1.ppc dependencies and their sub dependencies
geninstall -I "a -cgNpQqwX -J" -Z -p -d . -f File 2>&1
Failed dependencies:
needed by clamav-1:0.103
Hi Brendan,
if I may - this looks like that You don't use a correct installation of the AIX
toolbox.
We are also using it on AIX 7.2 and we don't face those troubles. So the
package is working.
This is how it looks like on our machines - and Yes, we use yum for
installation and ClamAV
it out and the ar to add to lib.a
Wow - later than I thought.
Thanks for your help
Hope we can do more next week
-Brendan
-Original Message-
From: Andrew C Aitchison
Sent: Friday, May 3, 2024 5:00 PM
To: Walsh, Brendan L. (FFD) (CON)
Cc: ClamAV users ML ; Brendan Walsh
Subject
On Fri, 3 May 2024, Brendan Walsh wrote:
IBM has this handy install option called 'install from all
available'. Say if you want to install something like clamav in
/software/clamav. so you call it with that option and it checks the
dependencies and looks thru all the files in the dir
Hello everyone,
I have two different versions of clamav installed on two different OS: Red Hat
9 and Red Hat 7
Red Hat 7 has 0.103.11
Red Hat 9 has 1.0.5
Both are using the same pattern definition files 27260 Mon Apr 29 2024.
They are also using the same main.cvd bytecode.cld and freshclam.dat
Hi - I also meant to ask what you meant about not satisfying the installer - I
thought it said it looked in that lib archive ?
-Original Message-
From: clamav-users On Behalf Of Brendan
Walsh via clamav-users
Sent: Friday, May 3, 2024 2:49 PM
To: Andrew C Aitchison ; Brendan Walsh via
Hi Andrew,
Thanks for responding.
I didn't think to see if dependencies were there - should have known though.
I can grab a couple. I also found the old Clam install dir for clamav-0.102.
tits got some rpms that may be used.
IBM has this handy install option called 'install from all available
nice weekend!
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.
On Thu, 2 May 2024, Andrew C Aitchison wrote (but the list bounced):
On Thu, 2 May 2024, Brendan Walsh via clamav-users wrote:
Hi guys,
I have been trying to install the IBM version of ClamAV.0.103.11 which I
downloaded from IBMs open source page :
https://www.ibm.com/support/pages/node
Hi Steve,
Thanks for this however it happens on a lot please see attached .txt file.
Kind regards,
Nathan
From: clamav-users On Behalf Of Steve
Basford via clamav-users
Sent: 30 April 2024 12:50
To: ClamAV users ML
Cc: Steve Basford
Subject: Re: [clamav-users] Failed to open file. ERROR
On 30 April 2024 10:42:39 Nathan Millard via clamav-users
wrote:
Hi, when I am scanning using clamav on windows I am getting lots of errors
staying “Failed to open file. ERROR”
Does anyone know how to solve this? Seems like it would be a permissions
problem?
Hi.
While there is a windows
Hi, when I am scanning using clamav on windows I am getting lots of errors
staying "Failed to open file. ERROR"
[cid:image001.png@01DA9AEA.F7C2BB50]
Does anyone know how to solve this? Seems like it would be a permissions
problem?
Kind regard
"I'm not familiar with KMail."
Kmail is KDE's standard email client/MUA (like e.g., Thunderbird), while
Sendmail is one of the earliest SMTP email servers/MTAs (like e.g., Postfix).
So they are quite different pieces of software.
Paul
P.S. I use ClamAV with Postfix (but not wit
Umbra,
It sounds likeyou may need help with your ClamAV configuration.
Can you provide a copy of your ClamAV configuration?
What specific types of notifications are you looking for?
clamav-milter is made to integrate with Sendmail, not KMail. I'm not familiar
with KMail. I don't know
On 4/29/24 03:14, Marc wrote:
>
>>
>> With the help of John Sullivan and Sérgio M. Basto we have gotten the
>> Fedora ClamAV 1.0.X package in shape to be built for EPEL 7 and 8. We
>> have a COPR available now with builds of 1.0.6 ready for testing here:
>>
&g
On 4/29/24 03:03, Ben Argyle wrote:
> I'd be extremely grateful if you could consider EPEL 9 as well, please!
EPEL 9 already has ClamAV 1.0.5, with 1.0.6 on its way:
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-25c9732d41
> -Original Message-
> From: clamav-users
Huge +1 for EPEL for RHEL 9, please. We use it for mail services, and
having an EPEL package would be *awesome* to me.
--
Thomas
On 4/29/24 04:03, Ben Argyle via clamav-users wrote:
I'd be extremely grateful if you could consider EPEL 9 as well, please!
With thanks,
Ben
-Original
>
> With the help of John Sullivan and Sérgio M. Basto we have gotten the
> Fedora ClamAV 1.0.X package in shape to be built for EPEL 7 and 8. We
> have a COPR available now with builds of 1.0.6 ready for testing here:
>
Hi Orion, I wrote Sergio a few months ago about imple
I'd be extremely grateful if you could consider EPEL 9 as well, please!
With thanks,
Ben
-Original Message-
From: clamav-users On Behalf Of Orion
Poplawski via clamav-users
Sent: 27 April 2024 01:06
To: ClamAV users ML
Cc: Orion Poplawski
Subject: [clamav-users] ClamAV 1.0.X
Good day,
I tried looking for help and am not having success. I would like to properly
configure clamav to monitor entire system and notify about any detections.
Having issue with configuration. At this point, when I scan the eicar.com file
it does not detect it as malicious, but says
With the help of John Sullivan and Sérgio M. Basto we have gotten the
Fedora ClamAV 1.0.X package in shape to be built for EPEL 7 and 8. We
have a COPR available now with builds of 1.0.6 ready for testing here:
https://copr.fedorainfracloud.org/coprs/g/clamav/clamav-1.0/
We will likely push
Hi Richard,
Sorry about the delay on the reply. Retirement of Immunet had no impact on
ClamAV CVD signatures. We still create new detections and publish daily
updates.
Immunet was a sort of testing ground for Cisco Secure Endpoint - specifically
for Windows, but without the enterprise
Read this online at:
https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html
Today, we are publishing the 1.3.1, 1.2.3, and 1.0.6 security patch versions.
The release files for the patch versions are available for download on the
ClamAV downloads page<https://www.clamav.
system.
This email message has been swept for computer viruses.
**
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav
On Wed, 10 Apr 2024, Nathan Millard via clamav-users wrote:
If I mapped a network drive to my server running clamav would it be
possible to scan that network drive?
Yes, but ...
So if I map another servers C drive to my clam server could I run a
scan of that mapped c drive using clamav
If I mapped a network drive to my server running clamav would it be possible to
scan that network drive?
So if I map another servers C drive to my clam server could I run a scan of
that mapped c drive using clamav?
-Original Message-
From: clamav-users On Behalf Of Andrew
C
(which I really wish weren't even packaged
there...)
The signature it hit, Win.Virus.Expiro-10026576-0, was added yesterday
in signatures 27238:
https://lists.clamav.net/pipermail/clamav-virusdb/2024-April/008622.html
I expect (and hope) that signature will be removed again shortly.
Historic
There are also reports on Reddit today of ClamAV finding this:
https://www.reddit.com/r/flatpak/comments/1byn8og/clamav_detecting_winvirusexpiro100265760_malware/?rdt=45424
One reply says:
I ran one of the files tagged as a virus by Clamav through VirusTotal.com;
out of 64 anti-virus
On Wed, 3 Apr 2024, Matthew Hibberd via clamav-users wrote:
* I am hosting the ClamAV DB files on S3.
* I have a lambda routinely running as a cron job that downloads the latest
DB files from S3 to a local dir and runs freshclam against said dir as its
database directory
On Fri, 5 Apr 2024, Nathan Millard via clamav-users wrote:
So I have a kali Linux server, could I use that to scan my windows
vms for viruses using this "For Linux etc. you can get a central
machine (either the same server or a different one) to connect to
each client, eg with ssh, and
So I have a kali Linux server, could I use that to scan my windows vms for
viruses using this "For Linux etc. you can get a central machine (either the
same server or a different one) to connect to each client, eg with ssh, and
make it run the above scan?"
Sorry I am quite clamav so
On Fri, 5 Apr 2024, Nathan Millard via clamav-users wrote:
I would like some help setting up clamav to scan remote hosts
from a clamd server is this possible?
Nearly.
In the likely setup,
each client reads the files and sends them to the server for checking.
For Linux etc. you can get
Hi, I hope I am emailing the right address.
I would like some help setting up clamav to scan remote hosts form a clamd
server is this possible?
Kind regards
Nathan
___
Manage your clamav-users mailing list subscription / unsubscribe:
https
* I am hosting the ClamAV DB files on S3.
* I have a lambda routinely running as a cron job that downloads the latest
DB files from S3 to a local dir and runs freshclam against said dir as its
database directory.
* freshclam is correctly identifying the daily.cvd as out of date
ng slash is never part of a directory name (though
it may be part of an "ls -p" output). Thus "^/tmp$" is what you should
use.
Sincerely,
Rainer
_______
Manage your clamav-users mailing list subscription / unsubscribe:
https://list
Hello,
I am running ClamAV on an air-gapped Ubuntu 20.04 LTS machine and I cannot seem
to figure this issue out for the life of me. Currently, I run a full system
virus scan every weekend I end up totally maxing out my logs in var/log/audit.
I have auditd configured for a max of 10 log files
This has been resolved. Thank you
Sent from my iPhone
> On Mar 30, 2024, at 05:43, Andrew C Aitchison wrote:
>
> On Fri, 29 Mar 2024, Jonathan Lee via clamav-users wrote:
>
>>
>> Does anyone know how to fix this issue for version 335?
>>
>> "Th
On Fri, 29 Mar 2024, Jonathan Lee via clamav-users wrote:
Does anyone know how to fix this issue for version 335?
"The database server doesn't have the latest patch for the bytecode database
(version 335). The server will likely have updated if you check again in a few hours.
ynman)
ClamAV update process started at Fri Mar 29 08:05:26 2024”
Jonathan Lee
Adult Student
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV
On Mon, 25 Mar 2024, McCarthy, John D. [US-US] via clamav-users wrote:
How does one Obtain ClamAV Linux Anvi-Virus Database File Updates
for Systems not Connected to the internet? All our systems are
air-gapped (not internet connected) so as ClamAV provides Linux
Anvi-Virus Database File
http://database.clamav.net/main.cvd
http://database.clamav.net/daily.cvd
http://database.clamav.net/bytecode.cvd
From: clamav-users On Behalf Of
McCarthy, John D. [US-US] via clamav-users
Sent: Monday, March 25, 2024 1:43 PM
To: clamav-users@lists.clamav.net
Cc: McCarthy, John D. [US-US
How does one Obtain ClamAV Linux Anvi-Virus Database File Updates for Systems
not Connected to the internet? All our systems are air-gapped (not internet
connected) so as ClamAV provides Linux Anvi-Virus Database File Updates for
viruses as they are identified, what link or website can I
* Scott Kitterman via clamav-users:
> Debian 10 still has LTS security support, but that's it. I don't find
> it surprising that it's too old.
I am certainly not surprised, in case you were wondering. What does
surprise me is that some people hold on to old software stacks for a
long time
ficial-CNS-Search-for-open-source
https://open.substack.com/pub/swudususuwu/p/howto-produce-better-virus-scanners
)
_______
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us bu
On March 20, 2024 3:19:33 PM UTC, Ralph Seichter via clamav-users
wrote:
>* Damian via clamav-users:
>
>>> requirements.txt:
>>> requests >= 2.22.0
>>> SQLAlchemy >= 1.4.0
>>
>> Are those requirements sharp? I wonder if Fangfrisch could
* Damian via clamav-users:
>> requirements.txt:
>> requests >= 2.22.0
>> SQLAlchemy >= 1.4.0
>
> Are those requirements sharp? I wonder if Fangfrisch could run on
> older Debian systems with Debian-shipped python packages.
Fangfrisch is available as a Debian pack
ckages.
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
10:58 main.cvd
-rw-r--r-- 1 clamupdate clamupdate289733 Mar 18 10:58 bytecode.cvd
```sh
$ clamd --version
ClamAV 1.3.0/27217/Sun Mar 17 17:24:26 2024
$ sigtool -i daily.cvd
File: daily.cvd
Build time: 17 Mar 2024 04:24 -0400
Version: 27217
Signatures: 2055524
Functionality level: 90
Hello,
it "should"?
Sometimes the CDN delivers an older definition as advertised and then you get
cld and not cvd.
Unfortunaly clamav can't do something in this case.
Please read "The Magic behind cvd's, cld's and cdiff's":
https://blog.clamav.net/2021/03/clamav-c
Hello,
Sorry for late reply.
In the Message;
Subject: Re: [clamav-users] 100% CPU usage in clamd
Message-ID :
Date & Time: Fri, 15 Mar 2024 23:55:13 +0900
[TI] == Taizo ITO via clamav-users has written:
TI> Hello,
TI> Thank you for the reply.
TI> Clamd versi
s in parallel
caused almost 300% in CPU workload.
Any help would be appreciated.
Regards,
Taizo
On Fri, Mar 15, 2024 at 7:20 PM Masaru Nomiya via clamav-users
wrote:
>
> Hello,
>
> In the Message;
>
> Subject: [clamav-users] 100% CPU usage in clamd
> Message-ID :
>
Hello,
In the Message;
Subject: [clamav-users] 100% CPU usage in clamd
Message-ID :
Date & Time: Thu, 14 Mar 2024 12:08:39 +0900
[TI] == Taizo ITO via clamav-users has written:
TI> Hello,
TI> We got a high CPU usage problem with the latest signature database
TI
put. How does this
translate to a configuration specification in file "/etc/clamav/clamav.
conf"? Since running "clamscan" on my laptop takes 20+ seconds just to
process the virus database, I'd prefer running "clamdscan", provided it
could also be tricked int
Hello,
We got a high CPU usage problem with the latest signature database
updated by freshclam.
$ sigtool -i /var/lib/clamav/daily.cvd
File: /var/lib/clamav/daily.cvd
Build time: 13 Mar 2024 04:26 -0400
Version: 27213
Signatures: 2054946
Functionality level: 90
Builder: raynman
MD5
always
FOLLOW the mail headers.
Sincerely,
Rainer
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
On 8 March 2024 13:20:53 Ralph Seichter via clamav-users
wrote:
I am also happy to report that the new HTTP mirror for SaneSecurity
signature files is chugging along nicely. Over the last days, I have
counted 4672 unique client connections accessing these files, with a
slow but steady
client connections accessing these files, with a
slow but steady increase in numbers according to the logs.
-Ralph
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us
According to our Cloudflare log for CF-RAY: 860d52e20d2136c2-YYZ, you're using
wget. I completely missed that from your initial email that you were testing
with wget after the download failure. Sorry about that.
You must use freshclam from a supported version of ClamAV, or else use
___
Thanks,
John
On Thu, Mar 7, 2024 at 3:20 PM Micah Snyder (micasnyd) via clamav-users <
clamav-users@lists.clamav.net> wrote:
> It feels like the proxy may not be forwarding freshclam's HTTP
> User-Agent header. We use that header to block unsupported software (like
> curl
to RHEL 8,
however.
John, if you can get the HTTP "cf-ray" header value from the HTTP 403 response
to the proxy, our Cloudflare admin can look for the firewall event logs in
Cloudflare to confirm the reason for the 403 response.
Regards,
Micah
Micah Snyder (they/them)
ClamAV Develop
Or if your release is no longer supported, I'd like to have it
present you with a list of supported versions and recommend an upgrade.
Regards,
Micah
Micah Snyder (they/them)
ClamAV Development
Talos
Cisco Systems, Inc.
____
From: clamav-users on behalf of
energynor
Looks like you’re trying to connect through a proxy. Not directly. — Sent from my iPhoneOn Mar 7, 2024, at 13:34, John Paul Guay via clamav-users wrote:Hello,We have performed an In-Place upgrade to RHEL 8 on our system that ClamAV resides on and afterwards we are no longer able to download
hu Mar 7 20:12:48 2024 -> Log file size limited to 2097152 bytes.
Thu Mar 7 20:12:48 2024 -> Reading databases from /usr/local/share/clamav
Thu Mar 7 20:12:48 2024 -> Not loading PUA signatures.
Thu Mar 7 20:12:48 2024 -> Bytecode: Security mode set to "TrustSigned".
Thu
2024 -> ERROR: LOCAL: Socket file /var/run/clamav/clamd.ctl
could not be bound: No such file or directory
Thu Mar 7 05:34:48 2024 -> ERROR: Can't unlink the socket file
/var/run/clamav/clamd.ctl
Thu Mar 7 18:15:24 2024 -> ERROR: LOCAL: Could not create socket directory:
/var/r
On 07.03.24 15:29, energynorman--- via clamav-users wrote:
hope all of you are well. I have a more cosmetic question. We used
the last clam versions all above 1.03, but in our eMail report we
still see:
Software version from DNS: 0.103.11
what is this "eMail report"?
On 07.0
Hello,
We have performed an In-Place upgrade to RHEL 8 on our system that ClamAV
resides on and afterwards we are no longer able to download the daily.cvd.
Just a little history. The system is in a lab behind a corporate proxy and
it requires proxy rules to be able to reach database.clamav.net
Thanks for your answer. And, no we do not have any further version
installed. This happens on several systems.
Therefore our question.
Here is our research:
sudo dpkg -l | grep clam
ii clamav 1.3.0-1 amd64 ClamAV open source email, web, and
end-point anti-virus toolkit.
sudo which
On 07.03.24 15:29, energynorman--- via clamav-users wrote:
hope all of you are well. I have a more cosmetic question. We used the
last clam versions all above 1.03, but in our eMail report we still
see:
Software version from DNS: 0.103.11
0.103.11 is the LTS version
Last ClamAV update
Hi clamav community,
hope all of you are well. I have a more cosmetic question. We used the
last clam versions all above 1.03, but in our eMail report we still see:
Software version from DNS: 0.103.11
Last ClamAV update process started at Wed Mar 6 23:48:42 2024
Last Status:
Current
Arnaud Jacques via clamav-users wrote:
Hello Kris,
[...]
> /(n\d+).htmldomstuff;function(\1);/
>
> Do any of Clam's signature types support something like this?
I use :
6e3?3?3?
that matches n000, n003, n024, n781 ...
Right, and I've used that in cases where tracking a p
7.09.81
E-mail : a...@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Writing signatures for ClamAV antivirus since 2006
___
Manage your cla
g some
more complex signature concepts to actually work with either.
-kgd
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://gi
Thanks Scott.
Glad to hear that this is under control.
On Thu, 29 Feb 2024, Scott Kitterman via clamav-users wrote:
On February 29, 2024 12:56:47 PM UTC, Andrew C Aitchison via clamav-users
wrote:
I haven't fully understood this yet, but Debian is planning a flag-day
on 29 March to fix
1 - 100 of 5035 matches
Mail list logo