Re: [clamav-users] VirusDB Updates Broken?

Jun 26, 2018 at 05:40 PM, Joel Esler (jesler) wrote: I just purged db.us<http://db.us/>’s cache. Can you try? Sent from my iPhone On Jun 26, 2018, at 20:24, Paul Kosinski mailto:clamav-us...@iment.com>> wrote: Joel, Sorry to have been somewhat cryptic: I assumed the context of the

Re: [clamav-users] VirusDB Updates Broken?

"not synchronized". > > The result of all this confusion is that the last time I got a > daily.cvd via freshclam was before CloudFlare: > > Monday 25 June 2018 at 09:06:26 > Database updated (6556585 signatures) from db.us.clamav.net (IP: > 200.236.31.1) > >

[clamav-users] Mirror Load + ClamAV Updates

are seeking feedback about the stability of this, or if any updates are failing. (I have seen the thread that is currently on-going). If you having problems downloading from the ClamAV mirror infrastructure, please delete your mirrors.dat file and start over. -- Joel Esler Sr. Manager Open Source

Re: [clamav-users] VirusDB Updates Broken?

>> >> On Tue, Jun 26, 2018, at 06:41, Robin Bourne wrote: >>> Joel, >>> >>> I'm now getting "WARNING: Mirror 104.16.188.138 is not >>> synchronized." when using the CDN. Could it be related to the >>> changes made to fix

Re: [clamav-users] VirusDB Updates Broken?

Al, Thanks. We are aware. Looking into it. Sent from my iPhone > On Jun 24, 2018, at 23:12, Al Varnell wrote: > > Yes, but all but one was empty. > > Sent from my iPad > > -Al- > >> On Jun 24, 2018, at 19:42, Paul Kosinski wrote: >> >> I've gotten several daily.cvd updates in that

Re: [clamav-users] clamav list spf problem

> On Jun 21, 2018, at 3:54 AM, Tilman Schmidt wrote: > >> Am 20.06.2018 um 19:14 schrieb Andrew McGlashan: >> >> This is an opportunity to fix things, such an opportunity should not >> lost, especially if it helps more people to understand the problems with >> having too liberal SPF rules

Re: [clamav-users] Server inside DMZ - No internet access - Howto update definitions

Plus the diff files, if you are using freshclam. We much prefer that you download using freshclam, so that diff Cvds are available. Saves on bandwidth. Sent from my iPhone On Jun 19, 2018, at 07:45, SCOTT PACKARD wrote: >> Is there a way that I can copy the files from another server

Re: [clamav-users] Mirrors not responding?

Oh sorry, dB.gb. Very interesting. Thank you for the follow up Sent from my iPhone > On May 20, 2018, at 11:06, Joel Esler (jesler) <jes...@cisco.com> wrote: > > What zone? > > Sent from my iPhone > >> On May 20, 2018, at 08:34, Brian Morrison <b...@fenrir

Re: [clamav-users] Mirrors not responding?

What zone? Sent from my iPhone > On May 20, 2018, at 08:34, Brian Morrison <b...@fenrir.org.uk> wrote: > > On Sat, 19 May 2018 12:23:29 +0000 > "Joel Esler (jesler)" <jes...@cisco.com> wrote: > >> Try removing your mirrors.dat. > > Fix

Re: [clamav-users] DNS entry of db.jp.clamav.net disappeared?

Sorry for my lack of response. We went to fix it, and I didn’t acknowledge your email. Sent from my iPhone > On May 20, 2018, at 03:06, Yasuhiro KIMURA wrote: > > From: Al Varnell > Subject: Re: [clamav-users] DNS entry of db.jp.clamav.net disappeared?

[clamav-users] Db.cn was moved to CDN last night, and more CDN stuff

We are letting the traffic settle back down after the transfer of dB.cn. What we have discovered are there a ton of ClamAV installations that have not been able to update in a long time or are pointed at a dead mirror in the zone. When we transfer a zone to Cloudflare, (our CDN provider,

Re: [clamav-users] Mirrors not responding?

Try removing your mirrors.dat. Sent from my iPhone > On May 19, 2018, at 05:45, Brian Morrison <b...@fenrir.org.uk> wrote: > > On Fri, 18 May 2018 15:18:06 +0000 > "Joel Esler (jesler)" <jes...@cisco.com> wrote: > >> db.gb was overlooked in

Re: [clamav-users] Attachments

This should be fixed. On May 15, 2018, at 8:13 AM, Groach via clamav-users > wrote: From: Groach > Subject: Re: [clamav-users] Attachments Date:

Re: [clamav-users] Test Message

Date: Friday, May 18, 2018 at 3:04 PM > To: ClamAV users ML <clamav-users@lists.clamav.net> > Subject: Re: [clamav-users] Test Message > >Test 2 worked for me. > >From: clamav-users <clamav-users-boun...@lists.clamav.net> on behalf of > "Joel Esler (jes

Re: [clamav-users] Test Message

ailed information for our analysts and technicians. -Original Message- From: clamav-users <clamav-users-boun...@lists.clamav.net<mailto:clamav-users-boun...@lists.clamav.net>> on behalf of "Joel Esler (jesler) via clamav-users" <clamav-users@lists.clamav.net<m

[clamav-users] Test Message

--- Begin Message --- I made some alterations to this clamav-users list. Hopefully that stops the errors that people seem to be having? -- Joel Esler Sr. Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com --- End Message

Re: [clamav-users] Mirrors not responding?

--- Begin Message --- db.gb was overlooked in the move of db.uk to our CDN for freshclam. We just moved db.gb over to our CDN. Problem should clear itself up shortly. On May 18, 2018, at 10:45 AM, Brian Morrison via clamav-users

Re: [clamav-users] clamsubmit error code 500

--- Begin Message --- One of the backend systems that handles the submissions was on the fritz. I kicked it. Should be okay now. -- Joel Esler Sr. Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com On May 15, 2018, at 10:16 AM, Arnaud Jacques via

Re: [clamav-users] clamsubmit error

--- Begin Message --- We may be able to provide you a better way to do this, if you have a massive amount? > On May 11, 2018, at 9:20 AM, Arnaud Jacques > wrote: > > Hello Jesler, > > >> Is that you sending us all those submissions?! Fantastic amount! > > Yes

Re: [clamav-users] how long i will get up-to-date AV signatures for version 0.99.2

0.99.2 is still supported, and will remain supported officially until we ship 0.101.0, according to our EOL guidelines. But I will also tell you that we keep testing older versions for awhile, right up until they break. I think we test as far back as 0.97ish, I'd have to check to be sure.

Re: [clamav-users] clamsubmit error

Arnaud, Is that you sending us all those submissions?! Fantastic amount! > On May 9, 2018, at 10:07 AM, Arnaud Jacques > wrote: > > Hello, > >> clamsubmit with ClamAV 0.100.0 should work fine. I am surprised to see that >> error. We fixed code in the near

Re: [clamav-users] clamsubmit error

On May 9, 2018, at 3:43 PM, Benny Pedersen > wrote: Micah Snyder (micasnyd) skrev den 2018-05-09 19:39: The web interface, however, can do both http and https. if users can do 2 things, most will do incorrect way turning off ssl is not a good option to any

Re: [clamav-users] Is it legal to use ClamAV on a Windows Server in a SMB environment?

ClamAV's license is GPLv2. I don't see why it wouldn't be legal to do so. On May 9, 2018, at 2:11 PM, Allen Morrow > wrote: Is it legal to use ClamAV on a Windows Server in a SMB environment?

Re: [clamav-users] fp Img.Malware.Agent-6499558-0

Whoops, that’s an old link https://www.clamav.net/reports/fp Sent from my iPhone On May 6, 2018, at 21:24, Joel Esler (jesler) <jes...@cisco.com<mailto:jes...@cisco.com>> wrote: Dear Benny, You should submit a false positive report. The false positive submission form can be foun

Re: [clamav-users] fp Img.Malware.Agent-6499558-0

Dear Benny, You should submit a false positive report. The false positive submission form can be found here: http://www.clamav.net/lang/en/sendvirus/submit-fp/ Sent from my iPhone > On May 6, 2018, at 20:55, Benny Pedersen wrote: > >

Re: [clamav-users] clamsubmit error

Files that come in via the website, for the most part, are processed automatically. There is a lot of automation going on with web submissions. > On May 5, 2018, at 4:29 PM, Benny Pedersen <m...@junc.eu> wrote: > > Joel Esler (jesler) skrev den 2018-05-05 19:56: >> for I

Re: [clamav-users] clamsubmit error

Are you using a current version of clamsubmit? > On May 5, 2018, at 3:21 PM, Walter H. wrote: > > On 05.05.2018 07:38, Arnaud Jacques wrote: >> Hello, >> >> Wanted to send some files to ClamAV using clamsubmit, got this error : >> >> invalid cfduid and/or session

Re: [clamav-users] clamsubmit error

for I in `ls -l /tmp/files/malicious` do clamsubmit $I; done > On May 5, 2018, at 8:30 AM, Benny Pedersen wrote: > > Arnaud Jacques skrev den 2018-05-05 07:38: > >> I did : >> clamsubmit -e webmas...@securiteinfo.com -N Arnaud Jacques -n myfile > > space is new arg ? > >

Re: [clamav-users] clamsubmit error

I like this idea. > On May 5, 2018, at 8:30 AM, Benny Pedersen wrote: > > Arnaud Jacques skrev den 2018-05-05 07:38: > >> I did : >> clamsubmit -e webmas...@securiteinfo.com -N Arnaud Jacques -n myfile > > space is new arg ? > > clamsubmit -e webmas...@securiteinfo.com -N

Re: [clamav-users] Malwarepatrol false positives

That shouldn’t be part of the official ruleset. Sent from my iPhone > On Apr 28, 2018, at 17:32, Alex wrote: > > Hi, > > So I decided to check which MBL hits there were today, and it seems > they're now blocking https://bit.ly > > $ sigtool --find-sigs MBL_6913896

[clamav-users] ClamAV® blog: ClamAV 0.100.0 has been released!

https://blog.clamav.net/2018/04/clamav-01000-has-been-released.html ClamAV 0.100.0 has been released! Join us as we welcome ClamAV 0.100.0 to the family officially. You can grab it, as always, from the downloads page on ClamAV.net. ClamAV 0.100.0 is a

[clamav-users] ClamAV® blog: ClamAV Mirror improvements

of downloads. You may see mirrors fall out of rotation, and new ones inserted. This is intentional. If there are any questions, or issues, please address them on the ClamAV-Mirrors list. Thank you for your patience. -- Joel Esler Manager Open Source, Design, Web, and Education Talos Group http

Re: [clamav-users] [clamav-virusdb] Signatures Published daily - 24446

It was replaced with better detection. On Apr 3, 2018, at 8:26 AM, Al Varnell > wrote: * Osx.Malware.Agent-6453877-0 Not sure why you would drop this as it's clearly part of the OSX.Coldroot RAT VT:

Re: [clamav-users] Errors connecting to mirrors

Inline’ Sent from my iPad > On Mar 28, 2018, at 5:34 PM, Alex wrote: > > Is there a known current problem? Not that I am aware of. Please file a mirror error ticket at bugzilla.clamav.net and I’ll get someone to investigate it? > Is there a site where we can go to >

Re: [clamav-users] Errors connecting to mirrors

Please file errors here: https://bugzilla.clamav.net/enter_bug.cgi?product=Mirror%20Issues With Mirrors? Thanks. -- Joel Esler Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com On Mar 23, 2018, at 1:41 PM, G.W. Haywood <cla...@jubileegroup.co

[clamav-users] ClamAV® blog: ClamAV 0.100.0-rc has been posted!

http://blog.clamav.net/2018/03/clamav-01000-rc-has-been-posted.html ClamAV 0.100.0-rc has been posted! ClamAV 0.100.0 is a feature release (candidate) which includes many code submissions from the ClamAV community. As always, it can be downloaded from our downloads site on

Re: [clamav-users] Signatures once again 2 days old

We have a new cvd building now. We do have an alert system, but the alert system, for some reason didn’t email us the alert. We’re looking into that. Sent from my iPhone > On Mar 18, 2018, at 12:07, Andy Schmidt wrote: > > This has become a regular occurrence

Re: [clamav-users] ClamAV? blog: ClamAV 0.99.4 has been released!

Okay, let's call an end to this thread, I'll handle it differently. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Mar 8, 2018, at 1:15 PM, G.W. Haywood <cla...@jubileegroup.co.uk<mailto:cla...@jubileegroup.co.uk>> wrote: Hi Joel, On Thu

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99.4 has been released!

and suggestions unless this is a warm and welcoming community. That's what it needs to be. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Mar 8, 2018, at 4:08 AM, Tilman Schmidt <tschm...@cardtech.de<mailto:tschm...@cardtech.de>> wrote: What def

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99.4 has been released!

Which is perfectly fine. The mailing lists are the correct place for people to ask for help. Should people read the archives? Yes. Should people read FAQs? Yes. But largely, they won't. So we need to help our community. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.4 has been released!

Can you show us the warning you are receiving? -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Mar 7, 2018, at 12:05 PM, Brian Fluet-Denver Equip of Chlt <d...@dec-clt.com<mailto:d...@dec-clt.com>> wrote: I just subscribed to the

Re: [clamav-users] Blank Signature Updates

Thank you Al. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Mar 4, 2018, at 12:51 AM, Al Varnell <alvarn...@mac.com<mailto:alvarn...@mac.com>> wrote: Seems to be working again with 24361 this evening. -Al- On Sat, Mar 03, 2018 at 02

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.4 has been released!

Understood. Sent from my iPhone > On Mar 2, 2018, at 03:28, lukn wrote: > >> On 02.03.2018 09:21, Al Varnell wrote: >> They just need to update DNS with updated version when they come in. Not a >> big deal. It only results in display of the warning. Should not impact >>

[clamav-users] ClamAV® blog: ClamAV 0.99.4 has been released!

. Thank you to the following ClamAV community members for your code submissions and bug reports! Alberto Garcia Bernhard Vogel Francisco Oca Hanno Böck Jeffrey Yasskin Keith Jones mtowalski Suleman Ali yongji.oy xrym Stay tuned for the upcoming 0.100.0 release candidate! -- Joel Esler

[clamav-users] test

Feel free to ignore this. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us

Re: [clamav-users] Possible FP on Doc.Dropper.Agent-6447876-0?

It is possible, using a service we have here: https://talosintelligence.com/sha_searches <https://talosintelligence.com/sha_searches> To look up some additional details about files, if interested. SHA256 required. -- Joel Esler | Talos: Manager | jes...@cisco.com <mailto:jes...@

Re: [clamav-users] Commercial License

's an idea. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Feb 14, 2018, at 10:25 AM, McRoy, Jeffrey (GE Healthcare) <jeffrey.mc...@ge.com<mailto:jeffrey.mc...@ge.com>> wrote: Hi Everyone, I’ve heard of some malware scanners that have com

Re: [clamav-users] Please guide me

As the community manager for both Immunet and ClamAV, Al is correct. Sent from my iPhone > On Feb 14, 2018, at 02:11, Al Varnell wrote: > > Again, I'll point out that Immunet comes from > the same developer as does ClamAV, so not 3rd party

[clamav-users] Failing Mirrors (or other Mirror issues)

All -- We are looking for bugs for failing mirrors or any issues with mirrors, just to get them all in once place, it would be fantastic if you see failing mirrors, to throw us a ticket here: https://bugzilla.clamav.net/enter_bug.cgi?product=Mirror%20Issues Thank you. -- Joel Esler | Talos

Re: [clamav-users] submitting phish samples - stripped

Generally speaking, it's better for us to have as much detail as possible. Samples that you submit through the website (either one) are not shared with partners (unless you check the "share with partners" checkbox) -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes

Re: [clamav-users] submitting phish samples - stripped

to use. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Feb 8, 2018, at 3:52 AM, Matus UHLAR - fantomas <uh...@fantomas.sk<mailto:uh...@fantomas.sk>> wrote: Hello, when submitting phish samples, should I use the same form as for malware?

[clamav-users] ClamAV® blog: ClamAV 0.100.0 beta has been released!

gt; or via bugzilla<https://bugzilla.clamav.net/> -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listin

Re: [clamav-users] Daily version 24256

Understood the concern. But managing the evil in between an old version of the cvd being used in perpetuity because someone found the link on a clamav-users archive, or working with freshclam to stay current... it's a hard road. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:

Re: [clamav-users] Daily version 24256

This shouldn't be necessary, we're way past that on Daily.cvd files now, and the issue has been corrected. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Jan 30, 2018, at 8:56 AM, Paul Kosinski <clamav-us...@iment.com<mailto:clamav-us...@iment

Re: [clamav-users] GPG key where? (was: Re: GPG signature problem with clamav-0.99.2.tar.gz)

That's the correct one, thank you Scott. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Jan 29, 2018, at 6:13 PM, SCOTT PACKARD <scott.pack...@raytheon.com<mailto:scott.pack...@raytheon.com>> wrote: https://talosintelligence.com/about c

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 has been released!

There are outside issues that prevented us from announcing the CVEs at that time. It's not because we were trying to hide something. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Jan 26, 2018, at 2:39 PM, Andreas Schulze <andreas.schu...

[clamav-users] ClamAV® blog: Update on the recent "File Descriptors" issue in ClamAV

this issue from reocurring. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build

Re: [clamav-users] How the bad signature happened - conjecture (was Re: URGENT: Clamd is wedged on multiple installations)

other people to see this action on the list. So while we regret the issue that this signature caused (and we will fix, not only the signature, but the code itself in an upcoming release), I am super proud of the community that came together and solved the problem. -- Joel Esler | Talos: Manager

Re: [clamav-users] Max Open File Descriptors issue found this morning

and are currently building a new daily -- Joel Esler Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com. ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo

[clamav-users] Max Open File Descriptors issue found this morning

hat? Unfortunately Reindl, from what you reported, and your eloquent description, I'm not sure what the issue is. I'm not seeing that issue on my side. Am 26.01.2018 um 15:40 schrieb Joel Esler (jesler): As previously mentioned, if you downloaded the beta version of ClamAV 0.99.3, you will ne

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 has been released!

On Jan 26, 2018, at 9:49 AM, Reindl Harald <h.rei...@thelounge.net<mailto:h.rei...@thelounge.net>> wrote: Am 26.01.2018 um 15:40 schrieb Joel Esler (jesler): As previously mentioned, if you downloaded the beta version of ClamAV 0.99.3, you will need to completely uninstall it an

[clamav-users] ClamAV® blog: ClamAV 0.99.3 has been released!

can download the latest copy of ClamAV from our website ClamAV.net/downloads<http://www.clamav.net/downloads> Please continue the discussion on our mailing lists at http://www.clamav.net/contact#ml -- Joel Esler | Talos: Manager | jes...@cisco.com<ma

Re: [clamav-users] Announcement missing

You're right. That's my fault. I'll correct that here in a second after I read through all the emails in my ClamAV folder. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Jan 26, 2018, at 8:22 AM, Andreas Schulze <andreas.schu...

[clamav-users] ClamAV® blog: ClamAV Version number adjustment

will cause, but we feel this will impact the least number of community members, while allowing us flexibility to quickly address critical bugs or security issues, without undue issues with other work underway. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.

Re: [clamav-users] Whither ClamAV 0.99.2.1 ?

Mark, Yes. I apologize for that. I put out the blog post, but then we retracted it as we are looking into any issues caused by the version numbering we are planning on using. We've been made aware of a couple issues, and are working through them now. -- Joel Esler | Talos: Manager | jes

Re: [clamav-users] Unable to upload a false positive.

We know about this issue and are currently working on fixing the issue. Please bear with us. It’s a specific corner case that some people are running into. For instance, are you uploading the file before you file out the form? Sent from my iPad > On Jan 17, 2018, at 3:53 PM, Ramos Alexiou

[clamav-users] ClamAV® blog: ClamAV List Server Upgrade

a notification via the lists, blog, Twitter, and Facebook when the server is back up. Thanks for your patience during our maintenance! -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> ___ clamav-users mailin

Re: [clamav-users] Recommended workstation usage?

You may want to add “ELF….” To your count. Perhaps even “OSX….” -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Dec 20, 2017, at 7:02 AM, Maarten Broekman <maarten.broek...@gmail.com<mailto:maarten.broek...@gmail.com>> wrote: There ar

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99.3 beta2 has been released!

Thanks Steve and Tom. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Dec 19, 2017, at 11:33 AM, Steven Morgan <smor...@sourcefire.com<mailto:smor...@sourcefire.com>> wrote: https://bugzilla.clamav.net/show_bug.cgi?id=12000 is the ticket.

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

Can you please open a ticket in bugzilla.clamav.net<http://bugzilla.clamav.net>? -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Dec 19, 2017, at 7:29 AM, Andreas Schulze <andreas.schu...@datev.de<mailto:andreas.schu...@datev.de>> wro

[clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

rther testing while we resolve our small list of > known issues in the background as we are prepping for "General Availability". > If you have the ability to download and use beta2 on your network, please > do. Thanks! -- Joel Esler | Talos: Manager | jes...@cisco.com

Re: [clamav-users] Cannot send virus sample through https://www.clamav.net/reports/malware

I’ve adjusted some settings. Please try again. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Dec 11, 2017, at 9:02 AM, Matteo Italia <mat...@mitalia.net<mailto:mat...@mitalia.net>> wrote: Hello Joel, I receive a page containing this info

Re: [clamav-users] Cannot send virus sample through https://www.clamav.net/reports/malware

What is the error you are receiving from Cloudflare? I need some details. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Dec 11, 2017, at 3:48 AM, Matteo Italia <mat...@mitalia.net<mailto:mat...@mitalia.net>> wrote: Hello, I'm trying

Re: [clamav-users] ClamAV - Open Source License

On Nov 29, 2017, at 1:21 PM, Peggy Anstett > wrote: Thanks Kevin! In the code itself there are about 10 different license files (Apache, BSD, etc) with no explanation as to whether they apply to certain parts of the library.

Re: [clamav-users] Virus Malvare not detected

Doc.Dropper.Agent is automated. Sounds like someone submitted the file to Clamav.net<http://Clamav.net> or one my other automated systems that produces detection. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Nov 15, 2017, at 7:09 PM, Al Varn

Re: [clamav-users] Virus Malvare not detected

Please submit malware samples to ClamAV.net Sent from my iPhone On Nov 14, 2017, at 6:36 AM, Emanuel > wrote: Hello, I received two docs files in a email with the Subject "Invoice". The attachment is a malware

Re: [clamav-users] FreshClam - DNS issues since October 31st

Bill, We have taken some recent steps to resolve these issues. Please let us know if they persist. Sent from my iPhone On Nov 13, 2017, at 5:37 PM, Bill Maidment > wrote: I'm still getting a mixed bag of results on db.AU Sometimes it works and other

Re: [clamav-users] Freshclam Fails

Looks like your machine can’t contact database.clamav.net Sent from my iPhone On Nov 9, 2017, at 11:24 PM, Krishnakumar Nair > wrote: Hi Guys, any idea on this, clamav running in aix box. WARNING: Can't get

Re: [clamav-users] FreshClam - DNS issues since October 31st

The team working on these issues is seeing these emails, so it’s good that you are writing in, if you are still experiencing issues. Sent from my iPad On Nov 8, 2017, at 9:05 AM, Simon Mousey Smith > wrote: Maybe not every day but

Re: [clamav-users] fail updates

It would be helpful, if, starting now, deleting mirrors.dat and *then* telling us about failing mirrors…. Cause…. We’ve done many changes in the past month, it would be good to start from a clean slate. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On

Re: [clamav-users] update mirror trouble?

If you have list of mirrors that are broken, it would be helpful to have that list, and what is broken about them. About a month ago, we went through a removed a “ton”* of broken ones. *ton means "a lot”. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@c

Re: [clamav-users] update mirror trouble?

This should be resolving itself as we speak. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Nov 6, 2017, at 4:47 AM, Simon Mousey Smith <simonsmith5...@gmail.com<mailto:simonsmith5...@gmail.com>> wrote: Hi, Same here still having pro

Re: [clamav-users] freshclam broken

This should be resolving itself as we speak. We found a lingering error to some mirrors and it should be fixed. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Nov 5, 2017, at 11:49 PM, Gene Heskett <ghesk...@shentel.net<mailto:ghesk...@shentel

Re: [clamav-users] freshclam broken

bear with us. I will provide another status update later in the day, and again, I apologize for not sending out a note to the users list. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Nov 3, 2017, at 8:54 AM, Reindl Harald <h.rei...@thel

Re: [clamav-users] FreshClam Mirrors - daily.cld stuck at version: 24010, safebrowsing cdiff missing.

), and we’ve ran into a few speed bumps. We should have everything back up and running in the next hour or so, so please bear with us. I will provide another status update later in the day, and again, I apologize for not sending out a note to the users list. -- Joel Esler | Talos: Manager | jes

[clamav-users] Mirror Sync Outage for ClamAV updates

mirrors, this means that currently, ClamAV AV updates are currently not available. Our operations team is currently working on the issue, and we will provide updates as needed. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.

Re: [clamav-users] Win.Exploit.CVE_2017 in user32.dll

These have been fixed. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Oct 30, 2017, at 7:59 AM, JD Ackle <jdali...@yahoo.com.br<mailto:jdali...@yahoo.com.br>> wrote: Hello, A clamscan running from Linux on a Windows disk (mounted

Re: [clamav-users] /home/gene/firefox/browser/omni.ja: Html.Exploit.CVE_2017_8750-6336209-0 FOUND

This has been dropped as well. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Oct 24, 2017, at 5:11 AM, Tsutomu Oyamada <oyam...@promark-inc.com<mailto:oyam...@promark-inc.com>> wrote: Yes, I have submit the file many times. File na

Re: [clamav-users] /home/gene/firefox/browser/omni.ja: Html.Exploit.CVE_2017_8750-6336209-0 FOUND

All — This signature has been dropped. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Oct 20, 2017, at 8:30 AM, Gene Heskett <ghesk...@shentel.net<mailto:ghesk...@shentel.net>> wrote: On Friday 20 October 2017 02:06:38 Al Varnell wrote: I

Re: [clamav-users] Clamav log messge

ptor passing?) WARNING: Error condition on fd 11. Any suggestion /idea. Thanks Bhavin, We’ve received all five of your emails. No need to send it that many times :) -- Joel Esler Manager Open Source, Design, Web, and Education Talos Group http://www.talosinte

Re: [clamav-users] FP Ppt.Exploit.CVE_2017_0199-6336815-1

This signature was fixed this morning. Sent from my iPhone On Oct 5, 2017, at 5:03 PM, Al Varnell > wrote: Please don't include signatures that apply to all file types in your email to the list as the message gets marked as infected. I'm sure some

Re: [clamav-users] Unsubscribe not working

ur mailservers too. also, do those mail come exactly to your address use...@karmasailing.uk<mailto:use...@karmasailing.uk>? It happens sometimes that person lets old account forward mail and can't unsubscribe from new one... That email address is not a member of the list. -- Joel Esler

Re: [clamav-users] question about fale positives

Correct. Although we are currently working on a confirmation system for receipt of and resolution of, false positives. Sent from my iPhone On Sep 30, 2017, at 4:22 PM, Al Varnell > wrote: You won't receive a response unless you subscribe to the

Re: [clamav-users] URL In Freshcalm

This site is permanently down. We are currently refactoring this. Sent from my iPhone On Sep 27, 2017, at 7:09 AM, Jerry > wrote: In the "freshclam.conf" file, there is a URL listed to collect "personal statistics". The URL is:

Re: [clamav-users] OT: mailing list behaviours (Re: Part 2: Dynamic engine module for scanning media files (e.g., MP3, MP4, etc.)?)

I don’t think we need it. The only people that really need to worry about a configuration like that are people that use Mutt/Pine/etc, and generally those people know how to set those particular settings. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com>

Re: [clamav-users] OT: mailing list behaviours (Re: Part 2: Dynamic engine module for scanning media files (e.g., MP3, MP4, etc.)?)

On Sep 19, 2017, at 2:48 PM, Kris Deugau > wrote: Crystalslave wrote: Return-Path: harlequin...@gmail.com First off, my apologies for the confusion. This is my first time posting to a mailing list; I didn't really

[clamav-users] ClamAV® blog: ClamAV Customer Feedback Survey

! -- Joel Esler | Talos: Manager | jes...@cisco.com ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

This was taken care of already. Thanks! -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Sep 12, 2017, at 3:36 PM, Judd Grayzel <judd_gray...@yahoo.com<mailto:judd_gray...@yahoo.com>> wrote: The MD5 of the false positive fil

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

Depends on your operating system, but googling “how do I find the md5 of a file” for your OS should turn of plenty of results. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Sep 11, 2017, at 5:42 PM, Judd Grayzel <judd_gray...@yahoo.com<mail

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

You want to submit some false positives to us via the website, followup here with the md5s of the files you submit, the malware team can take a look. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Sep 11, 2017, at 3:06 PM, Judd Grayzel <

<    1   2   3   4   5   6   7   8   9   10   >