ClamAV 0.93.3/7877/Tue Jul 29 12:43:08 2008 Output of clamconf is: # clamconf /etc/clamd.conf: clamd directives ------------------------------ LogFile not set LogFileUnlock = no LogFileMaxSize = 1048576 LogTime = no LogClean = no LogVerbose = no LogSyslog = yes LogFacility = "LOG_MAIL" PidFile = "/var/lib/clamav/clamd.pid" TemporaryDirectory not set ScanPE = yes ScanELF = yes DetectBrokenExecutables = no ScanMail = yes MailFollowURLs = no PhishingSignatures = yes PhishingScanURLs = yes PhishingAlwaysBlockCloak = no PhishingAlwaysBlockSSLMismatch = no PhishingRestrictedScan = yes DetectPUA = no AlgorithmicDetection = yes ScanHTML = yes ScanOLE2 = yes ScanPDF = no ScanArchive = yes MaxScanSize = 104857600 MaxFileSize = 26214400 MaxRecursion = 16 MaxFiles = 10000 ArchiveLimitMemoryUsage = no ArchiveBlockEncrypted = no DatabaseDirectory = "/var/lib/clamav" TCPAddr = "127.0.0.1" TCPSocket = 3310 LocalSocket = "/var/lib/clamav/clamd-socket" MaxConnectionQueueLength = 15 StreamMaxLength = 10485760 StreamMinPort = 1024 StreamMaxPort = 2048 MaxThreads = 10 ReadTimeout = 300 IdleTimeout = 30 MaxDirectoryRecursion = 15 FollowDirectorySymlinks = no FollowFileSymlinks = no ExitOnOOM = no Foreground = no Debug = no LeaveTemporaryFiles = no FixStaleSocket = yes User = "vscan" AllowSupplementaryGroups = no SelfCheck = 600 VirusEvent not set ClamukoScanOnAccess not set ClamukoScanOnOpen not set ClamukoScanOnClose not set ClamukoScanOnExec not set ClamukoIncludePath not set ClamukoExcludePath not set ClamukoMaxFileSize = 5242880 DevACOnly not set DevACDepth not set
/etc/freshclam.conf: freshclam directives ------------------------------ LogFileMaxSize = 1048576 LogTime = no LogVerbose = no LogSyslog = yes LogFacility = "LOG_MAIL" PidFile = "/var/lib/clamav/freshclam.pid" DatabaseDirectory = "/var/lib/clamav" Foreground = no Debug = no AllowSupplementaryGroups = no DatabaseOwner = "vscan" Checks = 12 UpdateLogFile = "/var/log/freshclam.log" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.uk.clamav.net" MaxAttempts = 3 ScriptedUpdates = yes CompressLocalDatabase = no HTTPProxyServer = "wwwcache.wmin.ac.uk" HTTPProxyPort = 3128 HTTPProxyUsername not set HTTPProxyPassword not set HTTPUserAgent not set NotifyClamd = "/etc/clamd.conf" OnUpdateExecute not set OnErrorExecute not set OnOutdatedExecute not set LocalIPAddress not set ConnectTimeout = 30 ReceiveTimeout = 30 Engine and signature databases ------------------------------ Engine version: 0.93.3 Database directory: /var/lib/clamav main db: Format: .inc, Version: 46, Build time: Sun Apr 6 19:57:08 2008 daily db: Format: .cvd, Version: 7877, Build time: Tue Jul 29 12:43:08 2008 We are encounering problem with UPS (phishing or virus) e-mail and for a long time it was unable to catch it. A folder containg eicar test virues produced the following results: # clamscan . ./eicar.com: Eicar-Test-Signature FOUND ./eicar.com.txt: Eicar-Test-Signature FOUND ./eicar_com.zip: Eicar-Test-Signature FOUND ./eicarcom2.zip: Eicar-Test-Signature FOUND ----------- SCAN SUMMARY ----------- Known viruses: 403172 Engine version: 0.93.3 Scanned directories: 1 Scanned files: 4 Infected files: 4 Data scanned: 0.00 MB Time: 2.644 sec (0 m 2 s) Sujit Choudhury ISLS University of Westminster This e-mail and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must not copy or show them to anyone, nor should you take any action based on them, other than to notify the error by replying to the sender. -- The University of Westminster is a charity and a company limited by guarantee. Registration number: 977818 England. Registered Office: 309 Regent Street, London W1B 2UW, UK. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
