Re: [clamav-users] Max Open File Descriptors issue found this morning

2018-01-26 Thread Jason J. W. Williams
Hi Joel, Appreciate you chiming in. For what its worth, I can confirm David Shrimpton's suggestion of adding Vbs.Downloader.Generic-6431223-0 to local.ign2 stops the problem. -J On Fri, Jan 26, 2018 at 7:38 AM, Joel Esler (jesler) wrote: > There are a bunch of threads going

Re: [clamav-users] Problem with Max Open desciptor Files limit

2018-01-26 Thread Jason J. W. Williams
Good find David. Thank you very much. -J On Fri, Jan 26, 2018 at 7:18 AM, David Shrimpton wrote: > I found adding Vbs.Downloader.Generic-6431223-0 to local.ign2 and > restarting clamd fixed the problem. > > This sig turned up in an update at 11:51AM GMT+10 26/1/2018

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99.3 has been released!

2018-01-26 Thread Jason J. W. Williams
Hi Joel & Micah, Is anyone from Cisco going to be commenting on the signatures issue everyone is seeing with daily.cld 24256+? -J On Fri, Jan 26, 2018 at 7:13 AM, Micah Snyder (micasnyd) wrote: > Tobi, > > Yup this is correct. We are planning to get an 0.100.0 beta out

Re: [clamav-users] How the bad signature happened - conjecture (was Re: URGENT: Clamd is wedged on multiple installations)

2018-01-26 Thread Jason J. W. Williams
HI Marcus, Any chance you'd be willing to share your copy of 24255? -J On Fri, Jan 26, 2018 at 7:07 AM, Marcus Schopen <li...@localguru.de> wrote: > Am Freitag, den 26.01.2018, 07:02 -0800 schrieb Jason J. W. Williams: > > How does one manually download an old daily.cld? &g

Re: [clamav-users] How the bad signature happened - conjecture (was Re: URGENT: Clamd is wedged on multiple installations)

2018-01-26 Thread Jason J. W. Williams
How does one manually download an old daily.cld? -J On Fri, Jan 26, 2018 at 7:00 AM, Paul wrote: > On 26/01/2018 14:56, Marcus Schopen wrote: > > Am Freitag, den 26.01.2018, 07:48 -0700 schrieb Rafael Ferreira: >> >>> Nope, latest is still >>> >>> File: daily.cvd >>>

Re: [clamav-users] How the bad signature happened - conjecture (was Re: URGENT: Clamd is wedged on multiple installations)

2018-01-26 Thread Jason J. W. Williams
We started seeing this problem last night as well. Reading through the thread, it doesn't appear that ClamAV has fixed the signatures yet (as of 24257), or am I wrong? -J On Fri, Jan 26, 2018 at 6:24 AM, Dianne Skoll wrote: > On Fri, 26 Jan 2018 13:50:27 +0100 > Ralf

[clamav-users] daily-23474 & daily-23475 updates are failing to load

2017-06-15 Thread Jason J. W. Williams
Hi Guys, Earlier this evening all of our healthchecks for the freshness of our ClamAV servers' databases started to go off indicating all of them were 2 versions behind. Investigating the freshclam logs, all of the servers are reporting the same error loading the daily cdiffs: freshclam daemon

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-06-03 Thread Jason J. W. Williams
Manager, Talos Group. > > Sent from Janet's iPad > > -Al- > > On Mar 17, 2016, at 1:09 PM, "Jason J. W. Williams" < > jasonjwwilli...@gmail.com> wrote: > > Does anyone that's chimed in work on the signatures team? > > > > -J > > >

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-05-17 Thread Jason J. W. Williams
cld (e.g. file permissions, > path difference) that would be the culprit. > > Hope this helps, > > Dave R. > > > On Tue, May 17, 2016 at 4:33 PM, Jason J. W. Williams < > jasonjwwilli...@gmail.com> wrote: > > > Yessir: > > > > # sigtool -u /var/lib/cla

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-05-17 Thread Jason J. W. Williams
ojan.Trojan-605' daily.ign > main:42:Win.Trojan.Trojan-605 > > > Same on your end? > > - Alain > > On Tue, May 17, 2016 at 4:22 PM, Jason J. W. Williams < > jasonjwwilli...@gmail.com> wrote: > > > We do. > > > > -J > > > > On Tue, Ma

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-05-17 Thread Jason J. W. Williams
ou have both main.cvd and daily.cvd. Please confirm. > > Thanks, > > - Alain > > > > On Tue, May 17, 2016 at 4:11 PM, Jason J. W. Williams < > jasonjwwilli...@gmail.com> wrote: > > > No ClamAV 0.98.7. > > > > -J > > > > On Mon, May 16, 2016 at

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-05-17 Thread Jason J. W. Williams
2002573 > > > > > fake_dont_remove_this_line > ... > Win.Trojan.Trojan-605 > > I wonder if it’s engine specific? Are you using 0.99.x > > -Al- > > On Mon, May 16, 2016 at 01:45 PM, Jason J. W. Williams wrote: > > > > Lo

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-05-16 Thread Jason J. W. Williams
f > until you have the new mail.cvd v57 and daily.cvd v21466 before getting too > excited about this. > > -Al- > > On Wed, Mar 16, 2016 at 08:49 PM, Jason J. W. Williams wrote: > > > > As of the latest daily update, running ClamAV against the EICAR test > string

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-19 Thread Jason J. W. Williams
t; > /Users/avarnell/Desktop/•Download/clamav-0.99.1/test/.split/split.clam_IScab_ext.exeaa > Win.Trojan.Trojan-476 > >>> > /Users/avarnell/Desktop/•Download/clamav-0.99.1/test/.split/split.clamjol.isoaa > Win.Trojan.Trojan-476 > >>> > >&

[clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-19 Thread Jason J. W. Williams
As of the latest daily update, running ClamAV against the EICAR test string reports Win.Trojan.Trojan-605 instead of Eicar-Test-Signature. -J ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-19 Thread Jason J. W. Williams
, Mar 16, 2016 at 8:54 PM, Al Varnell <alvarn...@mac.com> wrote: > The new database was just made available, so I recommend you hold off > until you have the new mail.cvd v57 and daily.cvd v21466 before getting too > excited about this. > > -Al- > > On Wed, Mar 16, 2

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-19 Thread Jason J. W. Williams
ank in order to force you to download the entire daily.cvd. > Give it plenty of time as the main.cvd is 109MB. > > Technical details: < > http://blog.clamav.net/2016/03/clamav-signature-interface-maintenance.html > > > > -Al- > > On Wed, Mar 16, 2016 at 08:56 PM, Jason J.

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-19 Thread Jason J. W. Williams
’t find any Win.Trojan.Trojan > signatures in the ClamAV Official database or listed in clamav-virusdb > e-mail list. > > > > Nor can I confirm your results using my own EICAR. > > > > Are you using any Unofficial signatures from a different source? > > > &g

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

2016-03-18 Thread Jason J. W. Williams
res from a different source? > > -Al- > > On Wed, Mar 16, 2016 at 09:06 PM, Jason J. W. Williams wrote: > > > > Pulled down 21466 (and force restarted clamd) but it's still classifying > > EICAR as Win.Trojan.Trojan: > > > > https://gist.github.com/williamsjj/b8