Re: [clamav-users] can not download updates

2021-07-27 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 27 Jul 2021, Matus UHLAR - fantomas wrote: On Tuesday, July 27th, 2021 at 10:46 AM, fxkl47BF wrote: On Tuesday, July 27th, 2021 at 10:28 AM, Joel Esler wrote: Maybe try raising your receivetimeout? i changed the receivetimeout to 300 as described in the article ... ...

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-27 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 27 Jul 2021, Joel Esler wrote: On Jul 27, 2021, at 11:27 AM, Paul Kosinski wrote: On Mon, 26 Jul 2021 11:35:29 Rick Cooper wrote: And what, exactly, is the reason for moving to cmake? I am sure you know it's going to be problematic for thousands of people so I am curious

Re: [clamav-users] clamonsacc not working on centos7

2021-07-27 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 27 Jul 2021, Joël Labby via clamav-users wrote: ... I can use clamscan to scan a file but clamonacc return this error : ERROR: ClamClient: Could not connect to clamd, Couldn't connect to server ERROR: Clamonacc: daemon is local, but a connection could not be established

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-25 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 25 Jul 2021, Frans de Boer wrote: I get things compiled etc., but testing clamd keeps on failing. ... ... Any suggestion what data I can provide to find the cause of the failure? The output from the tests would probably be a good start. -- 73, Ged.

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-26 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 25 Jul 2021, Frans de Boer wrote: On 7/25/21 8:44 PM, G.W. Haywood via clamav-users wrote: Hi there, On Sun, 25 Jul 2021, Frans de Boer wrote: I get things compiled etc., but testing clamd keeps on failing. ... ... Any suggestion what data I can provide to find the cause

Re: [clamav-users] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-26 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 26 Jul 2021, Frans de Boer wrote: On 7/26/21 9:41 AM, G.W. Haywood via clamav-users wrote: Hi there, On Sun, 25 Jul 2021, Frans de Boer wrote: On 7/25/21 8:44 PM, G.W. Haywood via clamav-users wrote: Hi there, On Sun, 25 Jul 2021, Frans de Boer wrote: I get things

Re: [clamav-users] [OT] ClamAV® blog: ClamAV 0.104.0 Release Candidate is here!

2021-07-28 Thread G.W. Haywood via clamav-users
Hi Paul, On Wed, 28 Jul 2021, Paul Kosinski via clamav-users wrote: In my case, I can't simply upgrade to the latest Debian (or any other distro), as one of the systems is our home firewall and gateway -- with iptables, multi-LAN routing (with local DNS), a bit of bridging, encrypted tunnels

Re: [clamav-users] can't cmake 1.0.4rc

2021-07-28 Thread G.W. Haywood via clamav-users
Hi Gene, On Wed, 28 Jul 2021, Gene Heskett via clamav-users wrote: The next instruction line from INSTALL.md is: cmake .. -D CMAKE_BUILD_TYPE="Release" Which generates this response: CMake Error: The source directory "/home/gene/src/clamav-0.104.0-rc/build/CMAKE_BUILD_TYPE=Release" does

Re: [clamav-users] what initiates freshclam? [OT]

2022-01-07 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 7 Jan 2022, Kenneth Porter wrote: ... One reason to switch to systemd is that you no longer need to implement a random delay in your own script to reduce server load from lots of client scripts slamming the server at the top of the hour. See the RandomizedDelaySec and

Re: [clamav-users] Is clamAV affected by log4j

2022-01-12 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 12 Jan 2022, Vishwas Shah via clamav-users wrote: I would like to know if clamAV was impacted by the log4j vulnerability. No. -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net

Re: [clamav-users] ClamAV 0.103.5 and 0.104.2 security patch release; 0.102 past EOL

2022-01-13 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 13 Jan 2022, Jaspal Singh Sandhu via clamav-users wrote: We are using Docker Image for 1.104 version at Roberthalf Is that image updated too with this patch? I'm not familiar with the image you mention, do you have a pointer to it for me? I'd have thought you'd get better

Re: [clamav-users] Current replacement for --max-ratio?

2022-01-15 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 14 Jan 2022, Eric Tykwinski wrote: When did clamav start scanning iso files? https://blog.clamav.net/2013/09/clamav-098-has-been-released.html -- 73, Ged.

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-16 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 16 Jan 2022, colin course via clamav-users wrote: last installment of log file is this regards colin Thu Jan 6 11:26:43 2022 -> Giving up on https://database.clamav.net... Thu Jan 6 11:26:43 2022 -> ERROR: Update failed for database: daily Thu Jan 6 11:26:43 2022 ->

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-17 Thread G.W. Haywood via clamav-users
Hello again, On Mon, 17 Jan 2022, colin course via clamav-users wrote: ... i have recently been changing permissions ... Please do not romp around the operating system changing permissions on things unless you are sure that you know what you're doing and why. At best you will make the system

Re: [clamav-users] is there a kill signal to have freshclam do an update check?

2022-02-13 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 13 Feb 2022, Marc wrote: On Sun, 13 Feb 2022, G.W. Haywood wrote: ... the parent forks a child with the right permissions etc. ... Ok so maybe this code is a bit buggy currently? ... The freshclam utility has been around for donkey's years. I know of no serious problems

Re: [clamav-users] is there a kill signal to have freshclam do an update check?

2022-02-13 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 13 Feb 2022, Marc wrote: On Wed, 9 Feb 2022, G.W. Haywood wrote: On Wed, 9 Feb 2022, Marc wrote: Is there a command that can make a running freshclam daemon do an update request instantly? SIGUSR1, assuming it's compiled with it enabled. Yes thanks, I was already

Re: [clamav-users] Clamd non recursive MULTISCAN?

2022-03-04 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 4 Mar 2022, Jorge Elissalde via clamav-users wrote: ... If I send the command "MULTISCAN c:\windows\system32", the recursive scanning will scan everything including folders, which is not what I want. This scanning must be processed using multi threads ... Can you be more

Re: [clamav-users] Clamd non recursive MULTISCAN?

2022-03-05 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 4 Mar 2022, Jorge Elissalde via clamav-users wrote: ... Trying to be more forthcoming I can explain the code I'm making. - I get the full list of files under c:\windows\system32 folder, just files, not folders (4913 files in my case). - I send every file name to clamd using

Re: [clamav-users] Prevent root users from running infected files

2022-03-13 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 13 Mar 2022, Mohsen Ghahremani via clamav-users wrote: I run clamd and clamonacc with root user and clamd.conf file is configured as follows:     User root OnAccessIncludePath / home OnAccessExcludeUname root OnAccessPrevention yes This is not sufficient

Re: [clamav-users] SCAN folder does not send OK result via socket?

2022-03-14 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 14 Mar 2022, Jorge Elissalde via clamav-users wrote: I'm trying to get the scanning "file OK" result in the socket connection when scanning multiple files using SCAN/CONTSCAN/MULTISCAN commands. The command is: nSCAN c:\folder\n (same for CONTSCAN and MULTISCAN) Scanning

Re: [clamav-users] Support for GPFS / real-time antivirus checks

2022-03-17 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 17 Mar 2022, An Schall via clamav-users wrote: we have a server operating RHEL 6.x and which is using GPFS as a file system. We process high volume data on this server and are evaluating whether clamAV / clamd is a feasible solution to run AV scans against the processed data.

Re: [clamav-users] ClamAV 0.105 release candidate

2022-03-16 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler via clamav-users

Re: [clamav-users] LibClamAV Warning: fmap_readpage: pread fail

2022-03-17 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 17 Mar 2022, Stephen Scotter via clamav-users wrote: I noticed Clamd has unexpectedly died on two [VMs] ... System1 Virtual Machine CPU : 1 socket / 2 cores RAM : 2GB Ram ... OS : Debian 10 / buster Clam : ClamAV 0.103.5/26484/Thu Mar 17 08:28:38 2022 Mar 13 13:14:27

Re: [clamav-users] human friendly signatures

2022-03-15 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 15 Mar 2022, Laurent S. via clamav-users wrote: On Tuesday, March 15th, 2022 at 00:36, Micah Snyder wrote: Starting with our own new language would let us maintain do that but make it easier for new analysts to train up on ClamAV. I don't see at all the advantage of using

Re: [clamav-users] SCAN folder does not send OK result via socket?

2022-03-14 Thread G.W. Haywood via clamav-users
Hello again, On Mon, 14 Mar 2022, Jorge Elissalde via clamav-users wrote: If I use INSTREAM (which I already use for other scanning task) I need to open every file manually and send the contents to clamd. This is a recursive scanning with about 5000 files. Using INSTREAM is slower than the

Re: [clamav-users] DNS request if an external server is specified in the file name

2022-03-10 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 10 Mar 2022, di82wal wrote: we had a penetration test of our application (moodle) a few weeks ago and in the background we use CLAM-AV as antivirus. During this test the following behavior was observed with Clam-AV: If an external server is specified as part of the filename

Re: [clamav-users] Virus database not updated since 14th July 2021

2022-03-08 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 8 Mar 2022, Jerzy Witwinowski via clamav-users wrote: ... I realized today that my virus database on my personal computer at home (an old PC running the last version of KDE Neon) hasn't been updated since 14th July 2021. ... As Mr. Broekman suggests I'm sure your ClamAV

Re: [clamav-users] Amazon/SpoofedDomain FP

2022-03-17 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 17 Mar 2022, Alex via clamav-users wrote: The link description is a URL and apparently doesn't match the link itself, resulting in email from Amazon Business being marked as malicious. Do I just add this to some kind of allow/bypass list? How do I go about doing that? Micah

Re: [clamav-users] SSL Authentication Error

2022-03-08 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 7 Mar 2022, Maarten Broekman via clamav-users wrote: On Mon, Mar 7, 2022 at 11:32 AM Jonah McElfatrick via clamav-users wrote: ... none of the provided solutions seem to have resolved the issue. ... I did not mention in my previous email but the operating system this is

Re: [clamav-users] clamdscan: Output detailed scan results to STDOUT or to configurable file?

2022-02-17 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 17 Feb 2022, An Schall via clamav-users wrote: When using clamdscan, I would like to have verbose output logged to a file. Specifically, the timestamp, file path and file name as well as the scan results should be logged to a specified file. In comparison, clamscan outputs

Re: [clamav-users] clamdscan: Output detailed scan results to STDOUT or to configurable file?

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Feb 2022, An Schall via clamav-users wrote: ... my issue is that when scanning folders recursively with clamdscan, I merely receive an aggregated result on the entire folder ... My aim is to log the per-file information to a configurable log file. You could use the

Re: [clamav-users] clamdscan: Output detailed scan results to STDOUT or to configurable file?

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Feb 2022, An Schall via clamav-users wrote: Yes, I am using exactly this approach at the moment. However, I execute clamdscan from within a custom bash script. This bash script logs several messages to a defined log file. As part of this information the verbose clamdscan

Re: [clamav-users] clamdscan: Output detailed scan results to STDOUT or to configurable file?

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Feb 2022, An Schall via clamav-users wrote: Thanks for the response. The main reason why I use clamdscan is performance: I need to scan in a multi-threaded manner (in contrast to clamscan). I guess using 'find' will go against this aim. It was just one suggestion. If

Re: [clamav-users] Scan log parsing

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 20 Feb 2022, Eliya Voldman via clamav-users wrote: I'm completely new to ClamAV I am setting up ClamAV on one laptop located behind VLAN and I don't have the option to monitor result. Please provide more information. Try to make me less suspicious. -- 73, Ged.

Re: [clamav-users] Disk space utilization ever increasing until I kill clamonacc

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Feb 2022, Stephen Scotter via clamav-users wrote: ... when deploying new virtual machines which are built to use ClamAV’s on access features disk space is “consumed” over a period of many days until it eventually consumes all disk space and the server becomes non

Re: [clamav-users] --exclude semantic issue ?

2022-02-24 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 24 Feb 2022, Eliya Voldman via clamav-users wrote: I did a test scan and decided to exclude some files from scanning Since files were located in a few directories I did not want to provide only file name hence I provided the absolute path for each file. The issue is that

Re: [clamav-users] Minor bug or working as intended?

2022-02-24 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 24 Feb 2022, Kris Deugau wrote: After chasing docs back and forth and trying small variations, I think I've found what's arguably a bug in Clam's YARA implementation. ... You too, huh? In my experience ClamAV's Yara implementation is absolutely riddled. It's so bad (and

Re: [clamav-users] Running scan after GUI crash 'ClamTK"

2022-02-16 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 16 Feb 2022, Ronald via clamav-users wrote: ... I ran a scan through ClamTK on Ubuntu, the GUI crashed and needed to xkill it, though the "clamscan" is still running on a 1TB hdd (windows 7 OS), which I can see through system services on Ubuntu. Now my question is... can I

Re: [clamav-users] Minor bug or working as intended?

2022-02-26 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 25 Feb 2022, Laurent S. via clamav-users wrote: I've had the same issue. In the last two years, I was regularly writing YARA sigs in ClamAV and finding that it behaves in strange ways... Especially the regex integration. I specifically remember that counting regex wasn't

Re: [clamav-users] freshclam cert problems with new install

2022-02-26 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 25 Feb 2022, fergus mcmenemie wrote: Hi - first posting here Welcome. :) Brand new install of clamav ... Exactly which version, installed from what (package, tarball, ...)? first thing I ran was "sudo freshclam" which gave the following. So I assume it's Linux, but

Re: [clamav-users] Scan log parsing

2022-02-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Feb 2022, Eliya Voldman via clamav-users wrote: ... found this line in the log: C:\Windows\SysWOW64\sechost.dll: Win.Trojan.Pemalform-9786579-0 FOUND You should take positive action to investigate anything which gives a result like this. It may mean that the computer

Re: [clamav-users] Scan log parsing

2022-02-22 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 22 Feb 2022, Eliya Voldman via clamav-users wrote: Your response is extremely valuable I'm very glad if it's helped. :) Btw what tool is 'time sigtool'? Should I try it on my Linux machine or Windows? That's two tools. One (sigtool) is from the ClamAV suite, and is as

Re: [clamav-users] allowlist/fixing false positive

2022-03-01 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 1 Mar 2022, Alex via clamav-users wrote: I have a fedora34 system with clamd-0.103.5 and amavisd/SA/postfix. I have a newsletter from ncua.gov that keeps getting blocked because it The providers of Fedora do some IMHO slightly odd things with ClamAV packaging which

Re: [clamav-users] Minor bug or working as intended?

2022-03-01 Thread G.W. Haywood via clamav-users
Hi Micah, On Tue, 1 Mar 2022, Micah Snyder (micasnyd) via clamav-users wrote: ... Perhaps we should be asking the development team for readable LDB rules? :) Creating a new "human readable", or "human friendly", signature language is something that I've brought up many times this past 6

Re: [clamav-users] Minor bug or working as intended?

2022-03-02 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 2 Mar 2022, Kris Deugau wrote: Micah Snyder (micasnyd) via clamav-users wrote: ... some examples from my short time spent brainstorming this a few months back. // example logical signature [snip] TBH that looks almost identical to the Yara rule syntax at a quick look.

Re: [clamav-users] SSL Authentication Error

2022-03-02 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 2 Mar 2022, Jonah McElfatrick via clamav-users wrote: I am trying to mirror the definitions database using the recommended cvdupdate python script, however I am getting the following error code: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify

Re: [clamav-users] INSTREAM + eicar not well detected?

2022-03-02 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 2 Mar 2022, Jorge Elissalde via clamav-users wrote: I'm using clamd to make a large data scanning using INSTREAM ... If I send only one INSTREAM chunk with EICAR inside it is correctly detected, but if I send several chunks plus EICAR string, it is not ... char *eicarTest =

Re: [clamav-users] allowlist/fixing false positive

2022-03-03 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 3 Mar 2022, Alex via clamav-users wrote: The cld version was dated Sept 19th (since manually deleted) and the cvd version is dated Sept 22nd. I'll have to see if it returns. I suspect that the cld version was created when you updated the ClamAV utilities from the

Re: [clamav-users] INSTREAM + eicar not well detected?

2022-03-03 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 3 Mar 2022, G.W. Haywood wrote: ... Perhaps you can post the output of 'clamconf -n' ... On Thu, 3 Mar 2022, Kris Deugau wrote: ... There are quite the proliferation of hash signatures, but ... The only one that would match within a larger file or datastream is the

Re: [clamav-users] INSTREAM + eicar not well detected?

2022-03-04 Thread G.W. Haywood via clamav-users
Hi there, Sorry, I should have spent more time looking into this. On Fri, 4 Mar 2022, Tuomo Soini via clamav-users wrote: That is incorrectly detecting it. They must not detect signature in the middle. That's clearly in specification. Long time ago there was big discussion about eicar

Re: [clamav-users] Reservations towards clamAV

2022-02-14 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 14 Feb 2022, Marc wrote: I keep running into reservations about clamAV. It is often claimed that clamAV has a poor detection rate compared to other solutions. I then often lack an answer based on hard facts. Do you also have this problem? If so, is there good data somewhere

Re: [clamav-users] Minor bug or working as intended?

2022-02-25 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 25 Feb 2022, Joel Esler via clamav-users wrote: Pretty sure you can write what you’re trying to look for with an ldb signature anyway. One can write an LDB signature which might look like this: 8<--

Re: [clamav-users] human friendly signatures

2022-03-19 Thread G.W. Haywood via clamav-users
Hi Micah, On Wed, 16 Mar 2022, Micah Snyder (micasnyd) wrote: (1) a plea for a way to test rules before they go live; If you mean "for personal use" then I'd say, "What Maarten said." Er, no. Not "scan to make sure it detects things". What I meant was "do something to make sure it won't

Re: [clamav-users] human friendly signatures

2022-03-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Mar 2022, Kris Deugau wrote: TBH I'd prefer if Clam *did* continue, just skipping malformed rules (and also whinging loudly in the log). I could live with that if it didn't *also* crash. Either would be better than just exiting (it's not a hard *crash*, it's "just"

Re: [clamav-users] Inquiry about ClamAV's usage within sandbox

2022-03-22 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 22 Mar 2022, Yang, Jiayi via clamav-users wrote: ... I’m writing to inquire about the proper usage of ClamAV and whether it’s suggested to run ClamAV within a sandbox to avoid infecting other files/applications in the host if a malware is detected. Vulnerabilities have been

Re: [clamav-users] Virus not detected

2022-03-21 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 21 Mar 2022, Christopher Marczewski wrote: Ideally, please submit the sample via the following form: https://www.clamav.net/reports/malware Or you can create a signature and submit it, but see https://lists.clamav.net/pipermail/clamav-users/2022-March/012519.html for

Re: [clamav-users] clamav-daemon do not start after upgrade

2022-03-25 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 25 Mar 2022, Jean-Claude VERGEROLLE wrote: After an apt upgrade, clamav-daemon do not start System : debian buster 4.19.232-1 clamav version : 0.103.5+dfsg-0+deb10u1 amd64 I got this in the log /var/log/clamav/clamav.log ... ... Fri Mar 25 13:00:11 2022 -> ERROR: Unknown

Re: [clamav-users] Detection glitch on series of Excel files

2022-03-25 Thread G.W. Haywood via clamav-users
Hi Kris, On Fri, 25 Mar 2022, Kris Deugau wrote: I've been seeing a series of Excel files recently that seem to be triggering a bug of some kind. ... What version of ClamAV? ... clamscan -d test.hdb on one of these files produces a result like this: Invoice 251064533 QT8094914.xls:

Re: [clamav-users] --config-file= bug

2022-03-30 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 30 Mar 2022, Gabriel via clamav-users wrote: As it seems clamdscan always load the default clamAV config file and ignore --config-file= (if passed) e.g. I tried clamdscan --verbose --config-file=/usr/local/test/clamd_custom.conf /home/files/* I tried to change various

Re: [clamav-users] Inquiry about ClamAV's usage within sandbox

2022-03-30 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 30 Mar 2022, Yang, Jiayi via clamav-users wrote: ... what will happen if ClamAV is compromised? I'm guessing ... It doesn't help to guess. If *anything* is compromised then you should probably treat the entire computer to be under the control of criminals and act

Re: [clamav-users] how to exclude windows signatures when doing a clamscan ?

2022-03-29 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 28 Mar 2022, sp339 via clamav-users wrote: I'm on linux and I would like to exclude all signatures of Windows when doing a clamscan. Can this be done? Not easily. If you can tell us your problem instead of asking how you might solve it we might be able to manage your

Re: [clamav-users] FreshClam is unable to access Mirror sites in our production...

2022-02-01 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 1 Feb 2022, Sandhu, Jaspal (HQP) via clamav-users wrote: Freshclam is unable to access the mirror site. We are planning to upgrade in the coming sprints to the 0.104 version. Which version are you using? See https://docs.clamav.net/faq/faq-eol.html -- 73, Ged.

Re: [clamav-users] problem for freshclam

2022-01-29 Thread G.W. Haywood via clamav-users
Hi there, On Sat, 29 Jan 2022, Dorian ROSSE via clamav-users wrote: I was added freshclam on the Cron job, The freshclam utility can run in two ways. It can run and then stop, or it can run indefinitely (then it is what we call a 'daemon'). The configuration and the commands you give

Re: [clamav-users] [BCPWEB] An error occurred in the BCPWEB system

2022-02-02 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 2 Feb 2022, 外谷信之 / TOYA,NOBUYUKI wrote: 【Query】 〇Freshclam will fail from February 1 ・ERROR: Can't download daily.cvd from database.clamav.net ・ERROR: getfile: Unknown response from database.clamav.net (IP:104.16.218.84): HTTP/1.1 403 ・ERROR: getpatch: Can't download

Re: [clamav-users] problem for freshclam

2022-01-30 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 30 Jan 2022, colin course via clamav-users wrote: i see i should have read your email with more care well done you now if i could only get mine to download some signatures but it wont do that as its out of date Perhaps you should have read my email with more care too:

Re: [clamav-users] clamav milter + sendmail, sendmail not reporting reject

2022-02-07 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 7 Feb 2022, Marc wrote: Normally when a client connection is reject by my sendmail server, the client is notified of the Reject message and the client server is generating a NDR. This is listed in my log as [1] however when I send a virus it looks like sendmail is not

Re: [clamav-users] Locating clamav-milter to match v0.104.2

2022-02-08 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 8 Feb 2022, Hall, Michael H. (GSFC-423.0)[RAYTHEON COMPANY] via clamav-users wrote: I am hoping to find a clamav-milter to match the current version of clamav. The current link on website seems to go to GitHub. GitHub then says that you need to get software from ClamAV. If

Re: [clamav-users] clamav milter + sendmail, sendmail not reporting reject

2022-02-08 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 8 Feb 2022, Marc wrote: ... the frontend servers know what can be relayed. Hmm. Do you have multiple MTAs processing mail in some kind of chain? Can you describe your setup more fully? ... I noticed somewhere in clamav or clamav-milter there was a '--bounce' option. And

Re: [clamav-users] reloading database problem

2022-02-09 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 9 Feb 2022, Matus UHLAR - fantomas wrote: I have clamav 0.103.5 installed on debian 11 and I'm getting too often errors when reloading database. looking back this problem started appearing on: Mon May 10 11:51:15 2021 -> Database correctly reloaded (12721518 signatures) Mon

Re: [clamav-users] Unable to mirror ClamAV database

2022-02-09 Thread G.W. Haywood via clamav-users
Hi there, On 9 Feb 2022, at 00:45, Roy Cohen wrote: This is my first post ... Welcome. :) ... ClamAV 0.103.0/26063 ... mirror updates using ... /usr/local/bin/clamavmirror ... Well, you might have told us what 'clamavmirror' is, and from where you got it. :) The problem I have that

Re: [clamav-users] is there a kill signal to have freshclam do an update check?

2022-02-09 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 9 Feb 2022, Marc wrote: Is there a command that can make a running freshclam daemon do an update request instantly? SIGUSR1, assuming it's compiled with it enabled. -- 73, Ged.

Re: [clamav-users] CLAMAV update error

2022-02-06 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 7 Feb 2022, 外谷信之 / TOYA,NOBUYUKI wrote: 【Query】 In the clamav update, do the following (1)install.sh (2)update.peal The following error occurs in (2) 【error】 [root@ip-10-0-55-104 clamav-update-2.2.7]# ./clamav-update.pl Can't exec "host": No such file or directory at

Re: [clamav-users] reloading database problem

2022-02-10 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 10 Feb 2022, Matus UHLAR - fantomas wrote: ... I think most of it comes from securiteinfo.com feed, which I have subscribed into. I have this machine for personal use. it seems their signatures are the most commonly catched: % zgrep -Fih FOUND `ls -1tr clamav.log*` | awk

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-18 Thread G.W. Haywood via clamav-users
Hello again, On Mon, 17 Jan 2022, colin course via clamav-users wrote: one more thing ged who is this user 121 ?is that normal to see on process properties and its only on clam it was root and thats when the scan worked but i have seen it being user 121 before In a Linux system, each user

Re: [clamav-users] Current replacement for --max-ratio?

2022-01-14 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 14 Jan 2022, Kris Deugau wrote: I've just come across a presumed-malicious .zip file of about 500K that contains a ~315M ISO image, which in turn appears to contain a ~315M executable file. After a bit of searching and testing I see the --max-ratio option has been removed

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-18 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 18 Jan 2022, colin course via clamav-users wrote: ... i do not like the look of what that cron file is saying looks bad ... cron tab The 'cron' system is usually part of the core of more or less any Linux installation. There are alternatives to it but they function in

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-21 Thread G.W. Haywood via clamav-users
Hi Colin, On Fri, 21 Jan 2022, colin course via clamav-users wrote: ... memory 483 .4 mib ... Your typing leaves a lot to be desired but I guess you've done your best to give me the information that I asked for. If we're meant to read that as four hundred and eighty-three point 4 Mebibytes

Re: [clamav-users] help with my system please hybrid os does not update signatures

2022-01-20 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 19 Jan 2022, colin course via clamav-users wrote: i don't like the cron job because it saying as far as i can tell its excluding those directories not scanning them . It's only excluding some directories, but if you wish you can just remove those exclusions. However it is

Re: [clamav-users] problem for freshclam

2022-01-23 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 23 Jan 2022, Dorian ROSSE via clamav-users wrote: i have do the command line following for repair freshclam ... ... chown root:root /var/log/clamav/freshclam.log ... root@ubuntu-ThinkPad-X250:~# chmod 755 /var/log/clamav/freshclam.log

Re: [clamav-users] Does ClamAV scan attachments embedded in .msg files

2022-01-14 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 14 Jan 2022, Andreas Wittig wrote: I'd like to know, whether ClamAV scans attachments embedded in .msg files. ClamAV can and will scan anything. It is a Unix-style application, by which I mean it is coded in ways which are unlike many (most?) Windows applications where the

Re: [clamav-users] Does ClamAV scan attachments embedded in .msg files

2022-01-14 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 14 Jan 2022, colin course via clamav-users wrote: i would like to get mine to be able to work will not update signatures zero signatures Please do not hijack an existing thread for an unrelated question. Please start a new thread with a subject line describing your

Re: [clamav-users] why is clamscan excluding home directory ?

2022-04-08 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 8 Apr 2022, Bob Power via clamav-users wrote: [root@fedora bob]# cat clamscan.conf ... [root@fedora bob]# xargs -a clamscan.conf clamscan / > ... Kinda creative and unnecessary, I think, to use xargs in this way and the result goes against the 'man' page for clamscan

Re: [clamav-users] Is the signature "Win.Tool.Hoax-9939325-0" really problematic ?

2022-04-11 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 11 Apr 2022, alex via clamav-users wrote: Recently, ClamAV sent us the following alert "Win.Tool.Hoax-9939325-0" on one of our executables. This software was developed by our teams and has not been modified since 2014. And suddenly, an alert is lifted... On a point of

Re: [clamav-users] On access scanning causes system lockup with certain directories

2022-04-13 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 13 Apr 2022, Oorschot, R. van (IVO Rechtspraak) via clamav-users wrote: I'm setting up a test environment with ClamAV and on access scanning and came across some problems. When I add the directories /etc and /usr to the OnAccessIncludePath list, the machine totally locks

Re: [clamav-users] SAP - CLAMSAP vs McAfee

2022-04-07 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 7 Apr 2022, Almeida, Nuno wrote: In our current project, we are using SAP Linux Suse 15.2 with MCafee EPO. In order to activate the AV config for SAP (SAP Linux does not support Mcafee) we're thinking implementing the ClamSAP AV. MY question is: * Is there any problem to

Re: [clamav-users] DoD/IL4/Federal use case

2022-04-19 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 19 Apr 2022, Enver Bahar via clamav-users wrote: I tried before but didn't get a response, any directions would be great: I read on some forums that ClamAV is approved for federal use and approved by DoD for IL4 - is that correct? If so, where can I find such information?

Re: [clamav-users] Update problem today

2022-04-23 Thread G.W. Haywood via clamav-users
Hi there, On Sat, 23 Apr 2022, Paul Smith via clamav-users wrote: Hi, I'm using ClamAV 104.2 (for Windows) and am getting an update problem which looks like one of the mirrors isn't updated properly. It's been doing this all day. It's seeing that the latest version is 26521, but the file it's

Re: [clamav-users] clamav/safebrowsing updates?

2022-04-25 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 25 Apr 2022, Alex via clamav-users wrote: Is the clamav-safebrowsing repository still maintained? https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html -- 73, Ged.

Re: [clamav-users] clamav "Can't unlink file ERROR"

2022-05-17 Thread G.W. Haywood via clamav-users
Hi there, On Tue, 17 May 2022, An Schall via clamav-users wrote: we are trying to get clamscan / clamdscan functional on a RHEL with GPFS as a filesystem. Is the operating system also on GPFS or is this a separate filesystem? Do you have any examples of clamdscan actually being able to

Re: [clamav-users] ClamAV Queries on Maximum file size

2022-05-19 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 19 May 2022, Deenadhayalan Natarajan via clamav-users wrote: I would like to get some details about the maximum file size clamAV can support. As we got to know from the documentation that it supports up to 4GB of maximum file size but would like any possibilities of extending

Re: [clamav-users] rust on IBM i PASE environment - a must ?

2022-05-19 Thread G.W. Haywood via clamav-users
Hi there, On Thu, 19 May 2022, Zvi Kave via clamav-users wrote: We have ClamAV 0.104.1 compiled from sources and working fine in IBM i PASE environment - which is quite same architecture like IBM AIX binaries. We have a problem to compile ClamAV 0.105.0 because at present we have not rust

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com

2022-05-30 Thread G.W. Haywood via clamav-users
Hi there, On Mon, 30 May 2022, Mathieu Morier via clamav-users wrote: desjardins.com is a Québec Canada Coop Bank Institution and for a couple weeks, all their email to our email server as flag my CLAM for Heuristics.Phishing.Email.SpoofedDomain ... They probably did

Re: [clamav-users] How often can I run cvdupdate?

2022-05-25 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 25 May 2022, Orion Poplawski via clamav-users wrote: We're starting to run clamav on more local hosts and were starting to see rate limiting messages. So I've setup a local private mirror with cvdupdate ... I'm starting to see warnings like: Received signal: wake up

Re: [clamav-users] Uninstall macos universal package

2022-06-01 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 1 Jun 2022, Ismael via clamav-users wrote: I installed the clamav-0.105.0.macos.universal.pkg and I want to remove whatever was installed on my system but I can't find anything when searching. How can I remove and find what was installed? This is less a question about

Re: [clamav-users] ClamAV 0.105.0 service deployed as a Docker container on AWS ECS seem to stop abruptly on startup

2022-05-12 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 11 May 2022, John Varghese via clamav-users wrote: ... Tue May 10 20:14:59 2022 -> Reading databases from /var/lib/clamav I need help understanding why the clamav service seems to hang after the container starts. Using clamd with Docker is a bit new. I never tried it - I

Re: [clamav-users] false positives for firefox add-ons?

2022-06-25 Thread G.W. Haywood via clamav-users
Hi there, On Sat, 25 Jun 2022, Christian wrote: ... Archive.Test.Agent2-9953724-0 FOUND/ ... A false positive, as it turns out this is a signature which should never have been published: https://lists.clamav.net/pipermail/clamav-users/2022-June/012731.html It should go away on the next

Re: [clamav-users] Clamav high resource usage

2022-07-08 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 8 Jul 2022, Asier Gomez via clamav-users wrote: We are trying to run Clamav in some instances what not more than 1Gb of free memory, so when Clamscan runs the scan, the instance dies. This is to be expected. You really should read the documentation. See "Recommended

Re: [clamav-users] Permanently banned from clamav

2022-07-03 Thread G.W. Haywood via clamav-users
Hi there, On Sun, 3 Jul 2022, Calogero Di Legami via clamav-users wrote: ... i am the guy who started the discussion... Yes, we know. Hello again. :) ... i download the database trough clamwin ... You could have saved us a lot of time by mentioning that earlier. :/ The current version

Re: [clamav-users] Permanently banned from clamav

2022-07-03 Thread G.W. Haywood via clamav-users
Hi Grant, On Sat, 2 Jul 2022, Grant Taylor via clamav-users wrote: ... the questions are somewhat academic ... https://en.wikipedia.org/wiki/How_many_angels_can_dance_on_the_head_of_a_pin%3F :) I assume you are saying that "regularly" specifies what the cadence is. No. My "Yes, it

Re: [clamav-users] Permanently banned from clamav

2022-07-02 Thread G.W. Haywood via clamav-users
Hi Grant, On Sat, 2 Jul 2022, Grant Taylor via clamav-users wrote: On 7/2/22 7:50 AM, G.W. Haywood via clamav-users wrote: Regular downloading of the entire daily database is not acceptable. Please clarify what "regularly" means in this case? I think Mr. Broekman has answered w
