Re: [clamav-users] ClamAV® blog: ClamAV Signature Interface maintenance is now complete! New Main.cvd!

entire database But at 4:17 am, no further log entries. I do see a limited anount of net traffic, in the 20k to 50k a second range that seems to be continuous, so either some one is wgetting my web page (again) or freshclam is still working on it. But if it is, its not logging it. Found i

Re: [clamav-users] New ClamnAV database....test results for Clamwin

V guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > ___ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http

Re: [clamav-users] clamav-milter reject and quarantine?

thub.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > ___ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml Cheers, Ge

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

On Thursday 18 February 2016 04:06:07 Groach wrote: > Hi Gene, I will clarify my terminology for you, if it helps > > On 18/02/2016 09:48, Gene Heskett wrote: > > I > > > >> Receive notification of someones reply, click REPLY, write > >> answer...SEND. &

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

ou dont have a notification for it in the first place. > (Maybe you were not subscribed at the time or you have since deleted > email notifications). That could happen, but if the expire time set for that folder is a month or more, that rarely happens. > > Cheers. > > On 18/02/201

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

groups should be terminated, with prejudice. Does your ISP provide an email server? Most do. I can help you get setup, but not on this list, its off-topic. > On 17/02/2016 20:48, Joel Esler wrote: > > On 2/17/16 1:34 PM, Gene Heskett wrote: > >> On Wednesday 17 February 2016 1

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

On Wednesday 17 February 2016 14:12:54 Groach wrote: > On 17/02/2016 19:34, Gene Heskett wrote: > > On Wednesday 17 February 2016 12:01:11 Noel Jones wrote: > >> On 2/17/2016 10:40 AM, Joel Esler (jesler) wrote: > >>> Okay, so this is a lon

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

lack of quoting it's impossible to tell which > parts are yours. > > > -- Noel Jones That is also one of my pet peeves Joel. PLEASE fix your quoting so the rest of us CAN track who wrote what. Cheers, Gene Heskett -- "There are four boxes to be used in defense of lib

Re: [clamav-users] making clamdscan noisier when it has found something

nd any Reply-to: lines in the email it sends me. All I have to do is find my missing round tuit. And I am in the early stages of something else I need to get done while I still can get it done, the years (81) are catching up to my body and beginning to limit what I can do physic

[clamav-users] making clamdscan noisier when it has found something

21359/Fri Feb 12 08:36:44 2016 in use on debian wheezy. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene> ___

Re: [clamav-users] Clamd vs clamscan

On Wednesday 10 February 2016 10:22:44 Kris Deugau wrote: > Gene Heskett wrote: > > But, I do wish that clamd would send me a substitute email advising > > that it has stashed a suspect incoming email into the > > mailfile /var/spool/mail/virii. I try to look that file o

Re: [clamav-users] Clamd vs clamscan

FP rate in excess of 90%! That is so high that I am expunging the clamd recipe from my .procmailrc as the next thing I do. Only two files containing .zip's, were real suspects, and I do have a delete button. Also on my wishlist is a clamscan recipe that only sends me an email IF it fin

[clamav-users] Still getting this:

browser cache, I am just nuking them. Debian wheezy here, up to date as of about 2 hours ago. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web

Re: [clamav-users] Swf.Exploit.CVE_2015_5548 giving FP's

.Exploit.CVE_2015_5548 In the mozilla and chrome caches, I just nuked the lot of them. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author

Re: [clamav-users] "Starting tor daemon" is the last thing I see during shutdown

On Sunday 25 October 2015 15:09:41 ame...@amenex.com wrote: > Previously I wrote: > > ... The second-to-last thing the system does is upgrade my ClamAV > > database by running freeclam. Then it says, "Starting tor daemon." > > In response to my concern, Gene Hesk

Re: [clamav-users] "Starting tor daemon" is the last thing I see during shutdown

Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in t

Re: [clamav-users] Interesting report from clamscan after adding new database

On Thursday 15 October 2015 12:19:19 Peter Bonivart wrote: > On Thu, Oct 15, 2015 at 5:55 PM, Gene Heskett wrote: > >> http://sanesecurity.co.uk/foxhole-databases/ > > > > Unfortunatly, nothing seems to be linked, the only thing I can save > > is the web page i

Re: [clamav-users] Interesting report from clamscan after adding new database

lso an old (81 yo) long retired pensioner, so I can't afford to donate at the requested level. Are my browsers broken or is this policy, taking a donation to gain access? I'm not unhappy if the latter is the case, I long ago learned about TANSTAAFL. ;-) Cheers, Gene Heskett -- &q

Re: [clamav-users] Interesting report from clamscan after adding new database

On Thursday 15 October 2015 11:15:54 Benny Pedersen wrote: > On October 15, 2015 5:04:36 PM Gene Heskett wrote: > > So they will be gone from tomoorows scan report. > > no backup ? Amanda will have them yet for about 29 more days. But they are very very old, with lots newer v

Re: [clamav-users] Interesting report from clamscan after adding new database

On Thursday 15 October 2015 11:15:54 Benny Pedersen wrote: > On October 15, 2015 5:04:36 PM Gene Heskett wrote: > > So they will be gone from tomoorows scan report. > > no backup ? > > > Clamav user list, comments please? > > foxhole is 0day signatures, so y

[clamav-users] Fwd: Cron /usr/bin/clamscan -i -r /home/gene --exclude-dir=/home/gene/.clamtk/viruses --exclude-dir=/home/gene/src --log=$HOME/.clamtk/history/$(date +%b-%d-%Y).log 2>/dev

les: 79 Total errors: 1 Data scanned: 24561.27 MB Data read: 62954.62 MB (ratio 0.39:1) Time: 7420.027 sec (123 m 40 s) --- Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please

[clamav-users] Interesting report from clamscan after adding new database

and I had to give him the username & pw to get past the guard dogs in dd-wrt. The other 3 could be done away with as everyone is using newer versions of dw by now. So they will be gone from tomoorows scan report. Clamav user list, comments please? Cheers, Gene Heskett -- "There are fo

Re: [clamav-users] Trouble with foxhole

prehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > ___ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/cl

[clamav-users] Making sense of the clamscan reports

line email, which does NOT contain a single error. If its an error to the short summary, why the heck does it not elaborate & give one a chance to see what triggered the error? Something's aglay, can anyone comment? Thanks. Cheers, Gene Heskett -- "There are four boxes

Re: [clamav-users] Freshclam problem

if you use a real browser, like firefox for PC, you will see my > certificate have green bar, with no warning. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On Monday 10 August 2015 09:12:09 Bowie Bailey wrote: > On 8/7/2015 6:30 PM, Gene Heskett wrote: > > On Friday 07 August 2015 16:58:09 Al Varnell wrote: > >> Gene, > >> > >> It’s on the sanesecurity.net mirror sites, not the ones clamav.net > >> pro

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On Friday 07 August 2015 22:08:10 Scott Kitterman wrote: > On August 7, 2015 9:17:44 PM EDT, Gene Heskett wrote: > >On Friday 07 August 2015 18:34:30 Scott Kitterman wrote: > >> On August 7, 2015 6:30:42 PM EDT, Gene Heskett > > > >wrote: > >> >On

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On Friday 07 August 2015 18:34:30 Scott Kitterman wrote: > On August 7, 2015 6:30:42 PM EDT, Gene Heskett wrote: > >On Friday 07 August 2015 16:58:09 Al Varnell wrote: > >> Gene, > >> > >> It’s on the sanesecurity.net mirror sites, not the ones clamav.net >

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

ird party sigs that aren’t distributed by ClamAV. freshclam > isn’t ever going to find them. > > -Al- > > On Fri, Aug 07, 2015 at 09:25 AM, Gene Heskett wrote: > > It may be that it has not made it to the u.s. mirrors yet. Or that > &

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On Friday 07 August 2015 12:34:54 Jim Popovitch wrote: > clamscan --database=/tmp/hackingteam.hsb -ri / Chuckle, and will, on this system, take a loooggg time. :) Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Pl

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

On Friday 07 August 2015 09:48:37 Bowie Bailey wrote: > On 8/7/2015 9:20 AM, Gene Heskett wrote: > > On Friday 07 August 2015 04:46:31 Steve Basford wrote: > >> Just in case it's useful... > >> > >> Original Message

Re: [clamav-users] [Fwd: [sanesecurity] Hacking Team detection]

its been Just Working(TM) for a year or more, a pointer to a URL showing how to incorporate this into the working configs we have would be appropriate. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order.&qu

Re: [clamav-users] Freshclam Question

On Wednesday 01 July 2015 05:27:33 Gene Heskett wrote: > On Wednesday 01 July 2015 04:22:29 Al Varnell wrote: > > The default in the source code is 12 times a day. > > > > > # Number of database checks per day. > > > # Default: 12 (every two hours) > > >

Re: [clamav-users] Freshclam Question

it must be sleeping pretty soundly. I'll see what hapopens when it next wakes up a few seconds after 6am local. > On Wed, Jul 01, 2015 at 01:09 AM, Matus UHLAR - fantomas wrote: > > On 30.06.15 09:26, Gene Heskett wrote: > >> While personally investigating it here, I came to

Re: [clamav-users] Freshclam Question

On Wednesday 01 July 2015 04:09:28 Matus UHLAR - fantomas wrote: > On 30.06.15 09:26, Gene Heskett wrote: > >While personally investigating it here, I came to > > /etc/freshclam.conf, and discovered it was checking hourly. IMO that > > is really severe abuse of a free service,

Re: [clamav-users] Freshclam Question

On Tuesday 30 June 2015 11:57:50 Gene Heskett wrote: > On Tuesday 30 June 2015 11:10:49 Benny Pedersen wrote: > > Gene Heskett skrev den 2015-06-30 15:26: > > > Do I need to restart freshclam, or whatever to bring that > > > setting in? > > > > imho it

Re: [clamav-users] Freshclam Question

On Tuesday 30 June 2015 11:10:49 Benny Pedersen wrote: > Gene Heskett skrev den 2015-06-30 15:26: > > Do I need to restart freshclam, or whatever to bring that > > setting in? > > imho its just so 2x each day you check dns for updatees, http servers > is only abused if

Re: [clamav-users] Freshclam Question

e team I think to answer. While personally investigating it here, I came to /etc/freshclam.conf, and discovered it was checking hourly. IMO that is really severe abuse of a free service, so I reset it to 12x daily and may even set it down to 2x a day. Do I need to restart freshclam, or whatever to brin

Re: [clamav-users] Using clamscan with multiple cores

On Tuesday 23 June 2015 13:24:11 MarkusGMX wrote: > Am 23/06/15 um 14:10 schrieb Gene Heskett: > > On Monday 22 June 2015 19:01:34 Dennis Peterson wrote: > >> And be careful if using the -l option of clamscan. > > > > And what might that result in? > > >

Re: [clamav-users] Using clamscan with multiple cores

gt; > the xargs man page might help. > > > > > > > > ___ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > _

Re: [clamav-users] fmap errors

t; > > TIA > > > > Sincerely, > > Bruce Hyatt > > _______ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml Cheers, Gene

Re: [clamav-users] adding a new scan target to the daily

On Friday 29 May 2015 11:56:35 Gene Heskett wrote: > Greetings; > > All this talk about this HTML exploit makes me want to add my own "on > this machine" web pages to the list of targets to scan. Since they > are scattered far and wide in the /opt tree, but most are links

[clamav-users] adding a new scan target to the daily

follow the links? Its been so long since I setup the original scan jobs I'll have to find those scripts again. That is one of the signs of old age they tell me, but I'm only 80. ;-) Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury

Re: [clamav-users] PCI DSS - Configuring ClamAv Logs to be Retained for 12 Months

record that can itself be reprinted, of the last 25 such items I printed. > If anyone has configured these settings before, it would be a big > help. > > Thanks > > Dale Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and

Re: [clamav-users] daily.cvd out of date?

refreshed. Any SWAG's? Thanks Al. > -Al— > > On Mon, Mar 16, 2015 at 08:16AM, Gene Heskett wrote: > > On Monday 16 March 2015 09:14:36 Joel Esler (jesler) wrote: > >> David, > >> > >> I forwarded this on to the ops team for a look. > > > > I c

Re: [clamav-users] daily.cvd out of date?

the server, so that extra Pragma header should force > the proxy to re-download it instead of feeding out of cache. If the > file ends up with a newer date, then that confirms there's a proxy in > between (and as a side effect should have replaced the stale cached > entry - so freshclam w

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

de: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

Perhaps you should consider submitted them in a compressed file format that is NOT proprietary to apple and which carries a per seat license fee? Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Ho

Re: [clamav-users] Bugzilla setup, was: Re: ARM Cross Compile

Regards, Bernd Its the same for me, in a bright red banner.> > ___ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml Cheers, Gene Heskett -- "There are four boxes to be used i

Re: [clamav-users] Warning in ClamAV update process

On Saturday 13 September 2014 12:14:33 Scott Kitterman did opine And Gene did reply: > On Saturday, September 13, 2014 12:07:46 Gene Heskett wrote: > > And then even more time to convince TPTB in charge of the major > > distributions, that the upgrade needs to find its way into thei

Re: [clamav-users] Warning in ClamAV update process

users, see right up front, and when not fixed in the open source fashion of perhaps an hour or so, makes the user, particularly the newbie understandably a bit wary. Thank you Joel, for taking the time to respond in some detail, its appreciated by quite a few here I'd imagine. [...] Che

Re: [clamav-users] Warning in ClamAV update process

On Thursday 11 September 2014 16:25:27 Joel Esler (jesler) did opine And Gene did reply: > On Sep 11, 2014, at 7:15 AM, Gene Heskett > mailto:ghesk...@wdtv.com>> wrote: > > On Thursday 11 September 2014 05:10:52 Tommy Berglund did opine > And Gene did reply: > Den 2014

Re: [clamav-users] Warning in ClamAV update process

ment does not seem to be on the same page as its users have been for years. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http

Re: [clamav-users] False positive for sure

Basford < > > steveb_cla...@sanesecurity.com> wrote: > > On Wed, September 3, 2014 12:54 pm, Gene Heskett wrote: > > >> â€‌—detect-puaâ€‌ switch for clamscan or disable it in the > > >> clamd.conf file. > > > > > > Which one?, I have 3

Re: [clamav-users] False positive for sure

On Wednesday 03 September 2014 07:41:36 Steve Basford did opine And Gene did reply: > On Wed, September 3, 2014 12:38 pm, Gene Heskett wrote: > > So as its been yonks since I setup the daily machine scan, where do I > > turn off this particular PUA feature? > > ”—detect-pua

Re: [clamav-users] False positive for sure

On Wednesday 03 September 2014 07:01:00 Steve Basford did opine And Gene did reply: > On Wed, September 3, 2014 11:56 am, Gene Heskett wrote: > > Ok, I'll byte, whats a PUA? > > Here's a good description... > > Q. What is a Potentially Unwanted Application (PUA)? &

Re: [clamav-users] False positive for sure

gt; should be ignored. > > >> On Sep 3, 2014, at 6:40, "Gene Heskett" wrote: > >> This report from last nights clamscan is absolutely a false > >> positive: > >> /home/gene/Downloads/Download/DriveWire4_linux_i386.tar.gz: > >> PUA.Misc.Double

Re: [clamav-users] False positive for sure

On Wednesday 03 September 2014 06:51:45 Joel Esler (jesler) did opine And Gene did reply: > That's a PUA alert. That's not on by default. Ok, I'll byte, whats a PUA? > > -- > Joel Esler > Sent from my iPhone > > > On Sep 3, 2014, at 6:40, &q

[clamav-users] False positive for sure

Greetings; This report from last nights clamscan is absolutely a false positive: /home/gene/Downloads/Download/DriveWire4_linux_i386.tar.gz: PUA.Misc.DoubleExtension-zippwd-3 FOUND Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and

Re: [clamav-users] PLEASE REMOVE

s] PLEASE REMOVE > > > On Sep 2, 2014, at 4:22 PM, YSPSC IT wrote: > > > > From this mailing list… > > Do it yourself at > <http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users>. > > > -Al- Cheers, Gene Heskett -- "There are four b

[clamav-users] New virus warning on a 2 year old file

: 9855.813 sec (164 m 15 s) Methinks this is an FP. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene> US V Castle

Re: [clamav-users] reported before, makes no sense

urrent FP report addresses: > > http://sanesecurity.com/support/false-positives/ Thanks for the link. > Hope this helps a little... I suspect a lot, thank you, Steve. > > Cheers, > > Steve > Sanesecurity Cheers, Gene Heskett -- "There are four boxes to be used

Re: [clamav-users] reported before, makes no sense

On Friday 16 May 2014 02:36:28 Greg Folkert did opine And Gene did reply: > On Fri, 2014-05-16 at 02:03 -0400, Gene Heskett wrote: > > On Friday 16 May 2014 00:59:44 Al Varnell did opine > > > > And Gene did reply: > > > UNOFFICIAL means it did not come from Clam

Re: [clamav-users] reported before, makes no sense

; Data scanned: 16897.31 MB > > Data read: 30006.48 MB (ratio 0.56:1) > > Time: 9936.535 sec (165 m 36 s) > > > > Can we please get this FP removed? > > ___ > Help us build a comprehensive ClamAV guide: > https://github.

[clamav-users] reported before, makes no sense

files: 2 Total errors: 1 Data scanned: 16897.31 MB Data read: 30006.48 MB (ratio 0.56:1) Time: 9936.535 sec (165 m 36 s) Can we please get this FP removed? Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order.

Re: [clamav-users] clamav stops boot

On Friday 02 May 2014 12:04:25 Alain Zidouemba did opine: > The ClamAV engine won't update itself automatically. You will have to > manually perform that operation. The latest version of ClamAV (version > 0.98.1) can be downloaded here: > http://www.clamav.net/lang/en/download/sources/ > > - Alai

Re: [clamav-users] rkhunter : hopefully a false-positive

On Wednesday 09 April 2014 06:01:05 Al Varnell did opine: > On Wed, Apr 09, 2014 at 02:16 AM, ellanios82 wrote: > > Hello List > > > > - today, clamscan advises that rkhunter is infected : > > > > - run on openSuSE 13.01 : rkhunter-1.4.0-8.1.2.x86_64 > > > > file permissions : > > > > -rw-

Re: [clamav-users] rkhunter : hopefully a false-positive

On Wednesday 09 April 2014 06:12:25 Wijatmoko U. Prayitno did opine: > Submit the false positive file here > http://www.clamav.net/sendvirus/submit-fp/ > I just did, and was told to please submit in zip format. Seems rather strange that a site should demand some winderz format from its linux use

Re: [clamav-users] rkhunter : hopefully a false-positive

On Wednesday 09 April 2014 06:10:20 Al Varnell did opine: > On Wed, Apr 09, 2014 at 02:16 AM, ellanios82 wrote: > > Hello List > > > > - today, clamscan advises that rkhunter is infected : > > > > - run on openSuSE 13.01 : rkhunter-1.4.0-8.1.2.x86_64 > > > > file permissions : > > > > -rw-

Re: [clamav-users] FP: CloudCompare-2.5.0.dmg

On Tuesday 08 April 2014 21:36:21 Gene Heskett did opine: > On Tuesday 08 April 2014 21:08:34 Al Varnell did opine: > > A ClamXav user contacted me today that the software he developed, > > packaged and posted as a .dmg image file had been falsely identified > > as Osx.Trojan

Re: [clamav-users] FP: CloudCompare-2.5.0.dmg

On Tuesday 08 April 2014 21:08:34 Al Varnell did opine: > A ClamXav user contacted me today that the software he developed, > packaged and posted as a .dmg image file had been falsely identified as > Osx.Trojan.Genieo. I believe he had already submitted it to you a few > days ago, but I took the t

Re: [clamav-users] An FP?

On Thursday 06 February 2014 07:07:09 Steve Basford did opine: > > Now, since the real thing is considered a high level threat to a win32 > > system, perhaps the thing to do is edit the .'s to DOT's, make a patch > > and submit it to lkml? I might see if its accepted. > > Sorry, forgot to add th

Re: [clamav-users] An FP?

On Thursday 06 February 2014 06:50:55 Ralf Hildebrandt did opine: > * Gene Heskett : > > > It's an UNOFFICIAL pattern, not a core clamav pattern > > > > Still, is it not un-needed noise? > > It's obviously a FP, but calling it un-needed noise is a bi

Re: [clamav-users] An FP?

On Thursday 06 February 2014 06:31:40 Steve Basford did opine: > > The daily system scan is fussing about > > /home/gene/src/linux-3.8.2/Documentation/usb/gadget_multi.txt: > > MBL_400944.UNOFFICIAL FOUND > > Hi, > > Just seen your post on LKML, so before this get's any more out of hand > than i

Re: [clamav-users] An FP?

On Wednesday 05 February 2014 16:02:03 Greg Folkert did opine: > On Wed, 2014-02-05 at 15:17 -0500, Gene Heskett wrote: > > On Wednesday 05 February 2014 15:15:07 Alan Stern did opine: > > > On Wed, 5 Feb 2014, Gene Heskett wrote: > > > > Greetings; > > &

Re: [clamav-users] An FP?

On Wednesday 05 February 2014 15:17:53 Greg Folkert did opine: > On Wed, 2014-02-05 at 12:54 -0500, Gene Heskett wrote: > > On Wednesday 05 February 2014 12:53:15 Ralf Hildebrandt did opine: > > > * Gene Heskett : > > > > Greetings; > > > > >

Re: [clamav-users] An FP?

On Wednesday 05 February 2014 15:15:07 Alan Stern did opine: > On Wed, 5 Feb 2014, Gene Heskett wrote: > > Greetings; > > > > The daily system scan is fussing about > > /home/gene/src/linux-3.8.2/Documentation/usb/gadget_multi.txt: > > MBL_400944.UNOFFICIAL FOUN

Re: [clamav-users] An FP?

On Wednesday 05 February 2014 12:53:15 Ralf Hildebrandt did opine: > * Gene Heskett : > > Greetings; > > > > The daily system scan is fussing about > > /home/gene/src/linux-3.8.2/Documentation/usb/gadget_multi.txt: > > MBL_400944.UNOFFICIAL FOUND > > /home/

[clamav-users] An FP?

Greetings; The daily system scan is fussing about /home/gene/src/linux-3.8.2/Documentation/usb/gadget_multi.txt: MBL_400944.UNOFFICIAL FOUND /home/gene/src/linux-3.12.6/Documentation/usb/gadget_multi.txt: MBL_400944.UNOFFICIAL FOUND /home/gene/src/linux-3.8.3/Documentation/usb/gadget_multi.txt:

Re: [clamav-users] request for feature

On Monday 03 February 2014 21:30:38 Kris Deugau did opine: > Gene Heskett wrote: > > On Sunday 02 February 2014 09:12:36 G.W. Haywood did opine: > >> You might be. IF I understand what you're doing, it seems to me that > >> you're piping a stream of data t

Re: [clamav-users] request for feature

On Monday 03 February 2014 13:12:45 Gene Heskett did opine: > On Sunday 02 February 2014 09:48:26 Joel Esler (jesler) did opine: > > Because these are two separate systems. In two different parts of the > > network. We haven't consolidated everything that we took over when &

Re: [clamav-users] request for feature

On Sunday 02 February 2014 09:48:26 Joel Esler (jesler) did opine: > Because these are two separate systems. In two different parts of the > network. We haven't consolidated everything that we took over when the > original clam team left yet. > > > -- > Joel Esler I should add, that when I st

Re: [clamav-users] request for feature

t; Sent from my iPhone I see Joel. Is this something thats sort of in the "inbox"? Or has it not been discussed? > > On Jan 31, 2014, at 14:59, "Gene Heskett" wrote: > > > > On Friday 31 January 2014 14:55:39 Shawn Webb did opine: > >> Hey G

Re: [clamav-users] request for feature

On Sunday 02 February 2014 09:12:36 G.W. Haywood did opine: > Hi there, > > On Sun, 2 Feb 2014, Gene Heskett wrote: > > I have trolled thru the man pages at length, and can find no option to > > make it just a little more verbose by outputting something that would >

Re: [clamav-users] request for feature

little mind I have left. > On Fri, Jan 31, 2014 at 2:23 PM, Gene Heskett wrote: > > Greetings; > > > > I have trolled thru the man pages at length, and can find no option to > > make it just a little more verbose by outputting something that would > > serve to i

[clamav-users] request for feature

Greetings; I have trolled thru the man pages at length, and can find no option to make it just a little more verbose by outputting something that would serve to identify the originator of a compromised email. What we do get, is hard to impossible to actually connect to a given email currently

Re: [clamav-users] 2 more with regard to using procmail to launch clamdscan

On Thursday 30 January 2014 14:43:32 Charles Swiger did opine: > Hi-- > > On Jan 30, 2014, at 9:31 AM, Gene Heskett wrote: > > Is stuff like this in the clamav man pages? I haven't found it if it > > is, hence the question. > > No. ClamAV documents what it

[clamav-users] 2 more with regard to using procmail to launch clamdscan

Greetings; Despite the procmail log showing that viri are being identified, the macro to store it in $VIRIBOX=/var/spool/mail/virii Is being ignored, hence procmail recovers and sends it on to /var/spool/mail/gene. Procmailrc has had a DROPPRIVS directive set for years, but what is not clear

Re: [clamav-users] One last Q (I hope)

On Wednesday 29 January 2014 12:04:36 David Raynor did opine: > On Tue, Jan 28, 2014 at 7:22 PM, Gene Heskett wrote: > > Greetings all; > > > > Can I use more than 1 --exclude= directive in the crontab entry that > > runs clamdscan? > > > > I am getting q

Re: [clamav-users] One last Q (I hope) And an FP report

On Wednesday 29 January 2014 07:35:24 Wijatmoko U. Prayitno did opine: > On Wed, 29 Jan 2014 06:29:37 -0500 > > Gene Heskett wrote: > > I would also like to report what seems to be an FP. The current > > database seems to think that in any kernel src tree existing on my

Re: [clamav-users] One last Q (I hope) And an FP report

On Wednesday 29 January 2014 06:18:21 G.W. Haywood did opine: > Hi there, > > On Wed, 29 Jan 2014, Gene Heskett wrote: > > Re: One last Q (I hope) > > > Can I use more than 1 --exclude= directive in the crontab entry that > > runs clamdscan? > &g

[clamav-users] One last Q (I hope)

Greetings all; Can I use more than 1 --exclude= directive in the crontab entry that runs clamdscan? I am getting quite verbose emails that start out with identifying all the reference files it uses. Must be nearly 70 lines of that. Too much noise is counterproductive, one tends to turn off t

Re: [clamav-users] Is there any chance of the 97.8 version as shipped by ubuntu 10.04.4 LTS, working?

On Monday 27 January 2014 14:22:15 David Raynor did opine: > On Mon, Jan 27, 2014 at 10:14 AM, Gene Heskett wrote: > > On Monday 27 January 2014 09:54:13 Gene Heskett did opine: > > > On Monday 27 January 2014 08:29:48 Greg Folkert did opine: > > > > On Mon, 2

Re: [clamav-users] Is there any chance of the 97.8 version as shipped by ubuntu 10.04.4 LTS, working?

On Monday 27 January 2014 09:54:13 Gene Heskett did opine: > On Monday 27 January 2014 08:29:48 Greg Folkert did opine: > > On Mon, 2014-01-27 at 07:16 -0500, Gene Heskett wrote: > > > Greetings all; > > > > > > Been on this list for quite a while, and did us

Re: [clamav-users] Is there any chance of the 97.8 version as shipped by ubuntu 10.04.4 LTS, working?

On Monday 27 January 2014 08:29:48 Greg Folkert did opine: > On Mon, 2014-01-27 at 07:16 -0500, Gene Heskett wrote: > > Greetings all; > > > > Been on this list for quite a while, and did use it for a year or 3 > > but I had removed clamav in its entirety

Re: [clamav-users] Is there any chance of the 97.8 version as shipped by ubuntu 10.04.4 LTS, working?

On Monday 27 January 2014 08:23:10 Simon Hobson did opine: > Gene Heskett wrote: > > So, is there any hope of making it work again using what the repo's > > for ubuntu 10.04.4 LTS will put back in (version 97.8) using > > synaptic? Or has the data format changed so mu

[clamav-users] Is there any chance of the 97.8 version as shipped by ubuntu 10.04.4 LTS, working?

Greetings all; Been on this list for quite a while, and did use it for a year or 3 but I had removed clamav in its entirety when a long spell of broken freshclam was spamming my logs, and clamscan itself was also generating failure msgs for every msg that procmail had it check. So, is there an

Re: [clamav-users] Suggestion box

On Tuesday 24 September 2013 15:28:40 Al Varnell did opine: > On Sep 24, 2013, at 12:06 PM, Gene Heskett wrote: > > On Tuesday 24 September 2013 14:58:21 Al Varnell did opine: > >> I'm not clear on what you mean by "stuff for signature generation". > >>

Re: [clamav-users] Suggestion box

On Tuesday 24 September 2013 14:58:21 Al Varnell did opine: > I'm not clear on what you mean by "stuff for signature generation". If > you are talking about malware samples, then the approved method of > submission is via the Submit a file page > . I was not aw

[clamav-users] Suggestion box

The current problem in submitting stuff for signature generation, and having the attachment stripped by the server is doing neither side in this spam battle any favors. Folks try to submit, it gets stripped 2 maybe 3 times, they give up and you, unless you are quietly keeping those strippings,

<    1   2   3   >