[clamav-users] Does ClamAV detect stalkerware?

[Alessandro Vesely via clamav-users]

Hi all,

first of all, what is stalkerware?
https://stopstalkerware.org/about/what-is-stalkerware/

Kaspersky, for one, detect it since April:
https://www.vice.com/en_us/article/vbw9g8/kaspersky-lab-alert-stalkerware-domestic-abuse

Now, I don't even know whether ClamAV runs on Android (I'm the proud user of a 
Nokia 2760).  However, I'd like to be able to catch any stalkerware in email 
attachments or shared files.  That's why I'm asking.


Best
Ale
-- 













___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Does ClamAV detect stalkerware?

[Al Varnell via clamav-users]

On Nov 23, 2019, at 00:29, Alessandro Vesely via clamav-users 
 wrote:
> 
> Now, I don't even know whether ClamAV runs on Android (I'm the proud user of 
> a Nokia 2760).  However, I'd like to be able to catch any stalkerware in 
> email attachments or shared files.  That's why I'm asking.
> 
> 
> Best
> Ale

I am reasonably certain that it doesn't run on your Nokia and don't see any 
third party adaptations or tools at the bottom of this page available for your 
phone
>

But there are 358,990 signatures that identify all types of Android malware. 
You would therefore need to run it on a computer subscribed to your email 
account to catch any attachments and if your phone is backed up to the 
computer, it should also report the presence of any malicious apps that you 
have installed on the phone.

There could also be some 3rd party UNOFFICIAL signature available for android, 
but I'm not familiar enough with them to know.

-Al-
ClamXAV user
___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] clamonacc loop

[Frans de Boer]

LS,

I noticed a significant degradation of the performance on my systems, 
which ended when I stopped clamonacc.


As I looked further, it seems that clamonacc is constantly looping 
around the same file. As far as I can tell, the last file it scanned - 
but not sure about that. I can easily reproduce that by using .bash_history.
After a command, say top, I stopped that and clamonacc keeps on 
displaying 'performing scan'.


As another process is also running and updating a file - which I have 
excluded but is not (.BOINC Manager) - it displays the scanning of that 
other file, and resumes by scanning .bash_history over and over again.


This happens also with any other file.

Remedy: disable clamonacc or go back to 0.101.5.

Regards, Frans.


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Why does clamscan take so long searching?

[Rick Graham via clamav-users]

>> can't really suggest anything.

That's why I made the suggestion.


>>
>> > Perhaps a useful feature would be an extra verbose option ("-vv") that
>> > would print more clamscan status, like loading signatures.
>>
>>
>

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Why does clamscan take so long searching?

[Ralph Seichter via clamav-users]

* Grscripts via clamav-users:

> unluckly clamdscan does not honor --config-file=

Since clamdscan leaves scanning to the server (which is properly
configured), I have never tried to use "clamdscan --config-file=...",
but according to the man-page, the option should be supported.

-Ralph

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] OfficialDatabaseOnly yes ignored

[G.W. Haywood via clamav-users]

Hi there,

On Fri, 22 Nov 2019, Grscripts via clamav-users wrote:


ok I set

debug yes

in my clamd.conf and executed again

# clamdscan --verbose --config-file=clamd.conf /spam/*

but where can I see clamdscanner debug log ?


Try

man clamd.conf

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Why does clamscan take so long searching?

[G.W. Haywood via clamav-users]

Hi there,

On Sat, 23 Nov 2019, Ralph Seichter via clamav-users wrote:


* Grscripts via clamav-users:


unluckly clamdscan does not honor --config-file=


Since clamdscan leaves scanning to the server (which is properly
configured), I have never tried to use "clamdscan --config-file=...",
but according to the man-page, the option should be supported.


I use it daily, version 0.102.x

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml