Actually it appears that only "part" of AVG detects it.
Virustotal indicates that AVG cleared the file as being "clean" however
the second site (garyshood.com) seemed to use AVG "command line"
Given the reputation of some of the scanners referenced by Virustotal,
not to mention the sheer
Tomasz Kojm wrote:
Your signature will only match Dear Paypal Members\n (0a == new
line) and
not Dear Paypal Members.
Thanks for the reply.
I knew that when I set it up. I figured if I can't get a simple word
match to work, trying to get complex with it wouldn't be much use.
But alas, It
I decoded the hex string and it actually matches Dear PayPal Member\n
(PayPal instead of Paypal)
Yea, I caught that, it doesn't make any difference
___
http://lurker.clamav.net/list/clamav-users.html
I'm trying to add a couple of custom phishing signatures using .ndb
files within clamav's database directory
For testing purposes I've used a simple phrase Dear Paypal Members and
created a hex key for it
Email.Phishing.Paypal.Test.0227001:0:*:446561722050617950616c204d656d6265720a
I've also
I've been seeing this on a lot of servers as well but the time/date on
the servers are correct. Many of them are even timing out trying to grab
the dns record occasionally. Anyone else seeing this?
Here too, and server time is correct though the log entries seem to
point to DNS issues.
Im
Derek Lamparty wrote:
I didn't know that was possible. Huh? Doesn't that really make RBLs
pointless?
No, it makes reporting based only on headers pointless.
___
http://lurker.clamav.net/list/clamav-users.html
Anyone happen to know what happened to http://www.rainingfrogs.co.uk ?
___
http://lurker.clamav.net/list/clamav-users.html
Joanna Roman wrote:
ClamAV team, I wonder how your finance is going ? Are
you guys in the black or red right now ? I think you
are great guys. I just hate to see this great project
gets interrupted because of financial issue. John
If you're concerned, feel free to make a donation ;) and
Bart Silverstrim wrote:
It was. It was an insult. I think it is understandable given that to
me it was provoked, and not necessarily aimed personally at you but
instead to all on the list that were giving a virtual flick-off. As
an observer the response he got wasn't really well deserved
List wrote:
Have you restarted the clamd processes?
I had the machine rebooted after I upgraded clamav
Just updated 2 boxes w/ no problem on my end..
?? I'm assuming you remembered to run make install ??
___
Bart Silverstrim wrote:
Please no...please please no
___
http://lurker.clamav.net/list/clamav-users.html
LMAO!
That was exactly what I was thinking when I opened the question ;)
___
Bart Silverstrim wrote:
I had a number of hits showing up within the Windows/system directory.
Heh, didn't Norton detect windows as a virus at one time?
A subsequent scan with a standalone utility from an AV vendor showed
no sign of the viruses in that directory.
This doesn't necessarily mean
Bart Silverstrim wrote:
I was just wondering if anyone else had resources to try running the
scan via a bootable Linux CD (like the INSERT CD) and scan a Windows
system to see if they were getting oddball false hits.
I've got Knoppix lying around.
Either tonight or tomorrow morning I'll load it,
Bart Silverstrim wrote:
Personally, my gripe is that the product is called ClamAV. If it's
expanding it's mission to protect people from everything called
malware, I'd change the name to something that indicates it's a
malware detector and not a virus detector. Phishing scams are *not*
Julian Mehnle wrote:
I can't believe you still didn't get the point.
This is NOT about removing ClamAV's capacity for detecting phishing
attacks, little yellow rubber ducks in PNG images, or whatever else. This
is about making it _optional_, for those people who don't want certain
types of
[EMAIL PROTECTED] wrote:
um, reread what you just wrote. 'any item regardless of it's delivery
method that has the potential to do harm financially or otherwise'.
let's see, little old ladies emailing their bank account information
to MRS. MIRIAM SESE SEKO, LATE OF THE CHIEF PETROLEUM RESERVES
hai
Does any one know how to filter mails using clamAV milter using with
sendmail
I don't want to use spamassassin it will only mark as junk I don't want to
send
it to users i want to move it to a perticular mail box
thanks
This is rather simple with spamassassin err I should say
On Tue, 22 Feb 2005 09:38:20 -0600 (CST)
Ken Jones [EMAIL PROTECTED] wrote:
When I go to the address http://www.clamav.net/ the latest version is
still .82.
0.83 is listed under stable downloads, as it should be.
I may be wrong here, but I believe 0.83 was more or less just a bug fix,
Frank Elsner wrote:
On Tue, 15 Feb 2005 08:54:09 -0500 akshat wrote:
Why not possible, earlier it was updated
automatically. An entry is made in
crontab.
Don't mix up a) update of database
b) update of the software (binaries)
This appears to be a common
[EMAIL PROTECTED] wrote:
easier:
change the text from:
WARNING: Your ClamAV installation is OUTDATED - please update
immediately!
WARNING: Local version: 0.81 Recommended version: 0.82
to
WARNING: A new version of the ClamAV program is available! Your
version: 0.82
WARNING: New version
Tomasz Papszun wrote:
http://www.clamav.net/faq.html#pagestart
Surprise, surprise ;-) .
LOL
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
You know, this gets old real quick!
Back when this debate first started (around November or so) I never
thought it would stop.
In November I decided to do 2 things 1 log what virus's were being
caught, where they were going, and what virus was detected.
Out of 446 detected viruses, 167 were
Is this a joke? licensed under the GPL not free for commercial
use.
As far as I can tell there is nothing wrong with this. In fact I've seen
this quite alot.
The GPL does not prevent anyone from making money.
___
Joe Maimon wrote:
I'm certainly *very* happy that ClamAV team have added more phishing
detections (thanks Trog et all).
Yes, you're correct it's social engineering but it doesn't stop
users clicking on the links
and downloading the keylogging trojan, from the remote site that the
phish email
Jo Mills wrote:
On Wed, Sep 01, 2004 at 02:20:37PM +0200, Maurizio Marini wrote:
as subscriber to Modssl-users, i'm receiving by yestarday many copies of an
email with subject: foto
coming from engelschall
i think some of them have received it , too
In my opinion the modssl users list has
25 matches
Mail list logo