Disregard, I found it here after they got the new main.cvd: <http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=Win.Trojan.Trojan-605&search-type=contains&case-sensitivity=No&database=daily&database=main&display=database&display=virus&display=signature&.submit=Submit&.cgifields=database&.cgifields=search-type&.cgifields=case-sensitivity&.cgifields=display>
I’ll see what I get once my main.cvd finishes. -Al- On Wed, Mar 16, 2016 at 09:32 PM, Al Varnell wrote: > > I’m still looking, but so far I can’t find any Win.Trojan.Trojan signatures > in the ClamAV Official database or listed in clamav-virusdb e-mail list. > > Nor can I confirm your results using my own EICAR. > > Are you using any Unofficial signatures from a different source? > > -Al- > > On Wed, Mar 16, 2016 at 09:06 PM, Jason J. W. Williams wrote: >> >> Pulled down 21466 (and force restarted clamd) but it's still classifying >> EICAR as Win.Trojan.Trojan: >> >> https://gist.github.com/williamsjj/b8104402e80f44475df5 >> >> Databases are up to date now: >> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: >> amishhammer) >> Empty script daily-21465.cdiff, need to download entire database >> Downloading daily.cvd [100%] >> daily.cvd updated (version: 21466, sigs: 83889, f-level: 63, builder: >> amishhammer) >> Empty script bytecode-275.cdiff, need to download entire database >> Downloading bytecode.cvd [100%] >> bytecode.cvd updated (version: 275, sigs: 45, f-level: 63, builder: >> amishhammer) >> Database updated (4302724 signatures) from db.local.clamav.net (IP: >> 193.1.193.64) >> >> >> >> On Wed, Mar 16, 2016 at 9:00 PM, Al Varnell <alvarn...@mac.com> wrote: >> >>> Those are normal messages for an update of this kind. The 21465.cdiff was >>> purposely blank in order to force you to download the entire daily.cvd. >>> Give it plenty of time as the main.cvd is 109MB. >>> >>> Technical details: < >>> http://blog.clamav.net/2016/03/clamav-signature-interface-maintenance.html >>>> >>> >>> -Al- >>> >>> On Wed, Mar 16, 2016 at 08:56 PM, Jason J. W. Williams wrote: >>>> >>>> Thanks. Hopefully it'll sync up soon. I'm getting weird download errors >>> out >>>> of freshclam: >>>> >>>> WARNING: getfile: Error while reading database from db.local.clamav.net >>>> (IP: 200.236.31.1): Operation now in progress >>>> WARNING: getpatch: Can't download daily-21465.cdiff from >>> db.local.clamav.net >>>> nonblock_recv: recv timing out (30 secs) >>>> WARNING: getfile: Error while reading database from db.local.clamav.net >>>> (IP: 194.186.47.19): Operation now in progress >>>> WARNING: getpatch: Can't download daily-21465.cdiff from >>> db.local.clamav.net >>>> Empty script daily-21465.cdiff, need to download entire database >>>> >>>> On Wed, Mar 16, 2016 at 8:54 PM, Al Varnell <alvarn...@mac.com> wrote: >>>> >>>>> The new database was just made available, so I recommend you hold off >>>>> until you have the new mail.cvd v57 and daily.cvd v21466 before getting >>> too >>>>> excited about this. >>>>> >>>>> -Al- >>>>> >>>>> On Wed, Mar 16, 2016 at 08:49 PM, Jason J. W. Williams wrote: >>>>>> >>>>>> As of the latest daily update, running ClamAV against the EICAR test >>>>> string >>>>>> reports Win.Trojan.Trojan-605 instead of Eicar-Test-Signature. >>>>>> >>>>>> -J
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
