On Wednesday 09 Feb 2005 04:29, Steven Stern wrote:
Clamav-milter (0.82) died this afternoon. As far as I can see, this is the
first error that appears in clamd.log. After that, there are many similar
ones.
LibClamAV Warning: j17LZE5n030858: /var/spool/clamav/msg.sUSLWW: Access
denied.
George Chelidze wrote:
Hello,
I have yesterday upgraded to 0.82 on two servers (RedHat 7.3 kernel
2.4.24) yesterday morning and everything went fine. This morning I
found that on both servers clamd is running but viruses are not
detected. I run freshclam from cron every hour between 15 and 45
On Wed, 09 Feb 2005 at 1:49:30 +0300, Mikhail Ramendik wrote:
My typical use case for ClamAV is for catching a worm on a Windows machine,
which can not be online (because the worm would send spam or propagate). My
Linux machine is not infected and I don't want to install anything on it.
On Tue, 8 Feb 2005 14:47:18 -0500
Cormack, Ken [EMAIL PROTECTED] wrote:
I used ./configure --enable-clamuko in building clamd, and have
There's most likely a bug in the configure script. Please reconfigure it
without any flags.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
Hello Kritof,
Kritof Petr wrote:
George Chelidze wrote:
Hello,
I have yesterday upgraded to 0.82 on two servers (RedHat 7.3 kernel
2.4.24) yesterday morning and everything went fine. This morning I
found that on both servers clamd is running but viruses are not
detected. I run freshclam from
Tomasz,
I first tried without any flags, and got the same result Which is why I
then tried the --enable-clamuko flag. :/
Ken
-Original Message-
From: Tomasz Kojm [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 09, 2005 7:59 AM
To: ClamAV users ML
Subject: Re: [Clamav-users]
On Tue, 08 Feb 2005 16:32:41 +
Francis Stevens [EMAIL PROTECTED] wrote:
Trog wrote:
BTW, all the false positives I've seen so far are also reported as
broken by the showriff utility, which was written specifically to check
these files.
For example:
$ showriff
George Chelidze wrote:
Hello,
I have yesterday upgraded to 0.82 on two servers (RedHat 7.3 kernel
2.4.24) yesterday morning and everything went fine. This morning I found
that on both servers clamd is running but viruses are not detected.
[...]
Same problem here
My log is full of this messages:
On Wed, 9 Feb 2005 08:47:56 -0500
Cormack, Ken [EMAIL PROTECTED] wrote:
Tomasz,
I first tried without any flags, and got the same result Which is
why I then tried the --enable-clamuko flag. :/
Make sure you're executing the proper clamd binary (i.e. not the one
installed from a RPM
On Wed, 9 Feb 2005 09:02:15 +, Nigel Horne [EMAIL PROTECTED] wrote:
I am confused. Your subject says Milter died, yet the only message you send
is
a non fatal warning. Try 0.82c and post the results.
It was the only error I could find. Where can I find .82c? Is that the
snapshot or do I
It was the only error I could find. Where can I find .82c? Is that the
snapshot or do I extract it from CVS?
Either
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Yes, Tomasz. I built it myself, from the tarball, downloaded from the
clamav.net web site. The clamd binary that I am hard-pathing to, is
correctly reporting it's version as 0.82. No clam rpms are installed.
Ken Cormack
Red Hat Certified Engineer
On Wed, 9 Feb 2005 08:47:56 -0500
Cormack,
On Wed, 9 Feb 2005 09:39:13 -0500
Cormack, Ken [EMAIL PROTECTED] wrote:
Yes, Tomasz. I built it myself, from the tarball, downloaded from the
clamav.net web site. The clamd binary that I am hard-pathing to, is
correctly reporting it's version as 0.82. No clam rpms are installed.
Please
On Wednesday 09 February 2005 15:56, Maxim Britov shaped the electrons to say:
On Tue, 08 Feb 2005 16:32:41 +
Francis Stevens [EMAIL PROTECTED] wrote:
Trog wrote:
BTW, all the false positives I've seen so far are also reported as
broken by the showriff utility, which was written
BTW, all the false positives I've seen so far are also reported as
broken by the showriff utility, which was written specifically to check
these files.
For example:
$ showriff virus-2005-02-08-n0009134
Contents of file virus-2005-02-08-n0009134 (18926/0x8926 bytes):
All
On Wed, 09 Feb 2005 08:28:12 -0600, Steven Stern
[EMAIL PROTECTED] wrote:
It was the only error I could find. Where can I find .82c? Is that the
snapshot or do I extract it from CVS?
I rolled back my production machines to 0.81 and have built latest-devel on my
test machine. I'll let you know
Tomasz,
The Configure script does appear to be broken. In the clamav-config.h file,
I manually added a #define CLAMUKO 1, and then recompiled.
Now, after loading clamd, I see the following:
Wed Feb 9 10:17:29 2005 - Clamuko: Correctly registered with Dazuko.
Wed Feb 9 10:17:29 2005 -
Tomasz,
I just confirmed that clamd/clamzuko is now working. Attempting to cat an
EICAR test file, I got an EICAR: operation not permitted error on my
screen, and the clamd.log shows the following:
Wed Feb 9 10:22:43 2005 - Clamuko: /home/hc43/EICAR: Eicar-Test-Signature
FOUND
So it looks
On Wed, 9 Feb 2005 10:22:00 -0500
Cormack, Ken [EMAIL PROTECTED] wrote:
Tomasz,
The Configure script does appear to be broken. In the clamav-config.h
file, I manually added a #define CLAMUKO 1, and then recompiled.
That's strange. Your config.log looks O.K.
--
oo.
P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND
p900\Evanescence - Bring Me To Life - Daredevil 2 (2).wav: Exploit.W32.MS05-002
FOUND
p900\robby-feel.wav: Exploit.W32.MS05-002 FOUND
Hello,
I don't suppose these files were submitted for analysis by the clamav
I agree, it is strange.
But to confirm, I completed deleted my build directory, and re-extracted the
original source tarball. I then re-ran the configure and inspected the
clamav-config.h file.
Although that file contains the following:
/* #undef CLAMUKO */
It appears that the needed
On Wed, 9 Feb 2005, Maxim Britov wrote:
P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND
I don't know, but size is ~50-100KB.
If they're tiny files, are you sure they're actually wavs?
Maybe someone downloaded these things and instead of funky beats, they're
full of
On Wed, 2005-02-09 at 11:51 -0500, jef moskot wrote:
On Wed, 9 Feb 2005, Maxim Britov wrote:
P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND
I don't know, but size is ~50-100KB.
If they're tiny files, are you sure they're actually wavs?
Maybe someone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
A little bit off topic, but I'd like to ask if M$ is trying to prepare
own AV software ?
I found this : http://www.microsoft.com/security/malwareremove/default.mspx
a tool to remove MyDoom, Zafi,Netsky and a few others.
Best Regards
Boguslaw
Hi,
Well anything is possible. They bought RAV and a few others a while
back. But the 32 cent question I'd have to ask is being M$ would _you_
trust them with anti-virus protection ? Hmmm ?
--Ed
Bogusaw Brandys wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
A little bit off topic,
Just installed 0.82:
# freshclam -V
ClamAV 0.82/702/Wed Feb 9 02:31:34 2005
So ... why would I be getting the warning:
# freshclam -v
Current working dir is /opt/csw/share/clamav
Max retries == 3
ClamAV update process started at Wed Feb 9 07:39:37 2005
Querying current.cvd.clamav.net
TTL: 669
Talking about AV software:
They bought Sybari Antigen today.
Grz. Johan
Op woensdag 9 februari 2005 18:21, schreef Ed:
Hi,
Well anything is possible. They bought RAV and a few others a while
back. But the 32 cent question I'd have to ask is being M$ would _you_
trust them with anti-virus
On February 9, 2005 09:26 am, Bogusaw Brandys wrote:
A little bit off topic, but I'd like to ask if M$ is trying to
prepare own AV software ?
I found this :
http://www.microsoft.com/security/malwareremove/default.mspx
a tool to remove MyDoom, Zafi,Netsky and a few others.
They've been
Hi Bob,
I had the same problem after upgrading to v0.82.
The solution is quite simple:
check for old clamav libs left from former installations (filenames
libclamav.xx) and remove them.
Probably they are in /usr/local/lib/
Good luck!
Grz. Johan
Op woensdag 9 februari 2005 18:44, schreef Bob
On Wed, 9 Feb 2005 07:44:33 -1000 in
[EMAIL PROTECTED] Bob Cunningham
[EMAIL PROTECTED] wrote:
So ... why would I be getting the warning:
You probably have an old freshclam somewhere in your path...
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 -
Hi
A little bit off topic, but I'd like to ask if M$ is trying
to prepare own AV software ?
Microsoft bought GeCAD (RAV) back in the last summer, then Giant Compny
Software, Inc. in december and two days ago they bought Sybari.
So they are collecting know-how about virus detection, spyware
On Wed, 9 Feb 2005, Steffen Heil wrote:
So, just sit back and relax.
And by the way, it was already asked who would trust microsoft with this.
And yes, I would. Maybe not as the only security solution, just as I now
have McAfee local to my clamav on my server.
You are missing the point
I've been getting those messages too for about a week. I updated to
the devel version on December 26th, after staying with 0.75 for too
long. I do *not* have any old copies of either libclamav or freshclam
anywhere; I've checked carefully with find and locate. clamscan -V
reports ClamAV
I've been getting those messages too for about a week. I updated to
the devel version on December 26th, after staying with 0.75 for too
long. I do *not* have any old copies of either libclamav or freshclam
anywhere; I've checked carefully with find and locate. clamscan -V
reports ClamAV
George Chelidze wrote:
Hello Kritof,
Kritof Petr wrote:
George Chelidze wrote:
When it happens on next time, try to run clamdscan to check the clamd
is running fine
and problem is in clamav-milter itself.
It happened again on database reload. I followed your advice and seems
clamd is ok,
On Wed, 09 Feb 2005 12:10:20 -0600 in [EMAIL PROTECTED]
Graham Toal [EMAIL PROTECTED] wrote:
I've been getting those messages too for about a week. I updated to
the devel version on December 26th, after staying with 0.75 for too
long. I do *not* have any old copies of either libclamav or
jef moskot wrote:
On Wed, 9 Feb 2005, Maxim Britov wrote:
P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND
I don't know, but size is ~50-100KB.
If they're tiny files, are you sure they're actually wavs?
My guess is they are ring signals for the Sony Ericsson P900 mobile
At 09:53 AM 2/9/2005, you wrote:
Hi Bob,
I had the same problem after upgrading to v0.82.
The solution is quite simple:
check for old clamav libs left from former installations (filenames
libclamav.xx) and remove them.
Probably they are in /usr/local/lib/
Good luck!
easier - cd to the build
That's it. The old libraries are still there, probably because
I didn't do a proper make uninstall!
On Feb 9, 2005, at 9:26 AM, [EMAIL PROTECTED] wrote:
At 09:53 AM 2/9/2005, you wrote:
Hi Bob,
I had the same problem after upgrading to v0.82.
The solution is quite simple:
check for old clamav
- Original Message -
From: Johan Barelds [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Sent: Wednesday, February 09, 2005 11:49 AM
Subject: Re: [Clamav-users] M$ preparing AV software ?
Talking about AV software:
They bought Sybari Antigen today.
Grz. Johan
Hrm -
9 2005 01:59 McDonald, Dan (a):
This was discussed at length fairly recently. Basically, you need some
sort of web access (port 80) to copy the files. You can, if you are
satisfied with the md5sum's, copy them into the appropriate directory
yourself. When you restart clamd, or at a
9 2005 12:48 Tomasz Papszun (a):
http://www.mail-archive.com/clamav-users@lists.clamav.net/msg12349.html
Thanks.
I think this should be in the FAQ.
--
Yours, Mikhail Ramendik
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Good management is all about looking forward.
They seem to bet om more horses these days...:-)
Grz. Johan
Op woensdag 9 februari 2005 21:10, schreef Thomas Cameron:
- Original Message -
From: Johan Barelds [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Sent:
- Original Message -
From: Johan Barelds [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Sent: Wednesday, February 09, 2005 2:34 PM
Subject: Re: [Clamav-users] M$ preparing AV software ?
Op woensdag 9 februari 2005 21:10, schreef Thomas Cameron:
- Original
Good management is all about looking forward.
They seem to bet om more horses these days...:-)
Grz. Johan
I'm actually viewing it more as a tactic of MS buying and then closing
up shops that sell Linux products. Look at what they did with
VirtualPC. The first release after they bought it you
- Original Message -
From: Thomas Cameron [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Sent: Wednesday, February 09, 2005 4:13 PM
Subject: Re: [Clamav-users] M$ preparing AV software ?
I'm actually viewing it more as a tactic of MS buying and then closing up
I've been getting those messages too for about a week. I updated to
the devel version on December 26th, after staying with 0.75 for too
long. I do *not* have any old copies of either libclamav or freshclam
anywhere; I've checked carefully with find and locate. clamscan -V
reports
On Wednesday 09 February 2005 23:22, Ed shaped the electrons to say:
Good management is all about looking forward.
They seem to bet om more horses these days...:-)
Grz. Johan
I'm actually viewing it more as a tactic of MS buying and then closing
up shops that sell Linux products.
I downloaded clamav (0.92) and installed it. When I
clamscan clamav-0.82.tar.gz, clamscan says the archive
is OK. However, when I clamscan clamav-0.82/test,
clamscan says ClamAV-Test-File found. So why cant
clamscan detect ClamAV-Test-File virus in
clamav-0.82.tar.gz in the first place ??
At the
Hi
Hrm - MS buys another AV company which sells a Linux product.
I would rather look at it as mircosoft buying a company which creates
valuable ms exchange protection software.
Regards,
Steffen
smime.p7s
Description: S/MIME cryptographic signature
On Wed, 09 Feb 2005 15:40:25 -0600, Graham Toal [EMAIL PROTECTED] wrote:
Can I suggest a mailing list for announcements to
http://clamav.net/ml.html#pagestart
--
Steve
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Wed, 9 Feb 2005, Steffen Heil wrote:
Hi
Hrm - MS buys another AV company which sells a Linux product.
I would rather look at it as mircosoft buying a company which creates
valuable ms exchange protection software.
So how do you explain M$ buying RAV and shutting it down (among other
Hi
Hrm - MS buys another AV company which sells a Linux product.
I would rather look at it as mircosoft buying a company
which creates
valuable ms exchange protection software.
So how do you explain M$ buying RAV and shutting it down
(among other competitors/Linux supporters)?
-Original Message-
From: Steffen Heil [mailto:[EMAIL PROTECTED]
Subject: AW: AW: [Clamav-users] M$ preparing AV software ?
Hi
Is that somehow good for the world as a whole?
I also never claimed that microsoft would do good for the world.
(Even though I don't know anyone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jason
Frisvold
Some would argue that welfare is not good for the world... :P
Only rich people in the northern countries would say that.
--
Jason Frisvold
On Wed, 09 Feb 2005 15:40:25 -0600 in [EMAIL PROTECTED]
Graham Toal [EMAIL PROTECTED] wrote:
Can I suggest a mailing list for announcements to be used for
must do upgrades using the stable source chain;
There is already an announcement list and an RSS feed of that and the
ClamAV news page...
At 02:46 PM 2/9/2005, you wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jason
Frisvold
Some would argue that welfare is not good for the world... :P
Only rich people in the northern countries would say that.
bollocks. let's not have that
Joanna Roman wrote:
I downloaded clamav (0.92) and installed it. When I
clamscan clamav-0.82.tar.gz, clamscan says the archive
is OK. However, when I clamscan clamav-0.82/test,
clamscan says ClamAV-Test-File found. So why cant
clamscan detect ClamAV-Test-File virus in
clamav-0.82.tar.gz in the
Can I suggest a mailing list for announcements to
http://clamav.net/ml.html#pagestart
Argh. OK, T FM is R'd. I've subscribed there and am unsubscribing
here. So long guys, thanks for the help.
G
___
If you tgz test dir to be test.tar.gz, the clamscan can detect it.
But clamscan cannot detect it in clamav-0.82.tar.gz
I just want to know the reason (e.g. max number of files reached ? max archive level reached ?). Anybody knows the answer ???René Berber [EMAIL PROTECTED] wrote:
Joanna Roman
On Wed, 9 Feb 2005 18:03:30 -0800 (PST)
Joanna Roman [EMAIL PROTECTED] wrote:
If you tgz test dir to be test.tar.gz, the clamscan can detect it.
But clamscan cannot detect it in clamav-0.82.tar.gz
I just want to know the reason (e.g. max number of files reached ? max
archive level reached
advice and seems
clamd is ok, clamav-milter fails. I'll try daily snapshot and reply
back soon.
With clamdscan works OK.
I have tried the nightly snapshot a it's working good.
I have checked devel-20050209 and clamav-milter failed again. downgraded
to 0.81. Any ideas? I can provide more
62 matches
Mail list logo