Re: [clamav-users] AV timeout?

2011-06-29 Thread Michael Scheidell
On 6/29/11 3:29 PM, Török Edwin wrote: (gdb) backtrace full (gdb) backtrace full #0 0x0008018baf4a in __error () from /lib/libthr.so.3 No symbol table info available. #1 0x0008018bac3b in __error () from /lib/libthr.so.3 No symbol table info available. #2 0x0008018b66c5 in pthre

Re: [clamav-users] AV timeout?

2011-06-29 Thread Michael Scheidell
On 6/29/11 3:29 PM, Török Edwin wrote: Interesting. That appears to be some kernel lock. Can you run: procstat -k 20021 Best regards, --Edwin too late for that.. I put 0.97.1_1 (0.97.1 portrevision 1. without wdt patch) on it. getting the rest of it for you now. -- Michael Scheidell, CTO

Re: [clamav-users] AV timeout?

2011-06-29 Thread Török Edwin
On 2011-06-29 22:12, Michael Scheidell wrote: > On 6/29/11 2:33 PM, Mark Martinec wrote: >> It may be possible to have two instances of clamd running on >> separate sockets, and when one fails switch over and restart >> amavisd on the other, while leaving the first for experimentation. > I have thi

Re: [clamav-users] AV timeout?

2011-06-29 Thread Michael Scheidell
On 6/29/11 2:33 PM, Mark Martinec wrote: It may be possible to have two instances of clamd running on separate sockets, and when one fails switch over and restart amavisd on the other, while leaving the first for experimentation. I have this.. sorta. all of my amavisd.conf (2.6.4) have a backup

Re: [clamav-users] got one in gdb: Re: 0.97.1 rumor pile? bad safebrowsing update file?

2011-06-29 Thread Michael Scheidell
On 6/29/11 2:48 PM, Michael Scheidell wrote: (gdb) | ok, got a core dump by using gdb to tell it to do a core dump. I'll give access to it to clamav personnel. generate-core-file Saved corefile core.20021 (gdb) quit ^CThe program is running. Quit anyway (and detach it)? (y or n) y Detachin

[clamav-users] got one in gdb: Re: 0.97.1 rumor pile? bad safebrowsing update file?

2011-06-29 Thread Michael Scheidell
On 6/28/11 2:49 PM, Török Edwin wrote: SOMETHING changed from 0.97 to 0.97.1 that affects 64bit, and/or amd64. If you still have one of those hung 0.97.1 (or come across in the future) can you run $ gcore This should generate a core file of the hung process that can be investigated later (a

Re: [clamav-users] Fwd: Re: AV timeout?

2011-06-29 Thread Ralf Hildebrandt
* Török Edwin : > On 2011-06-29 17:01, Michael Scheidell wrote: > > > > > > On 6/29/11 9:24 AM, Michael Scheidell wrote: > >> Ok, so not just me. > >> > >> I am going to ask Ralf Hildebrandt what version of os he is using. > >> maybe we can track this down. > >> > > so, it's not just on amd64, fre

Re: [clamav-users] Fwd: Re: AV timeout?

2011-06-29 Thread Michael Scheidell
On 6/29/11 10:32 AM, Török Edwin wrote: Can you ask him to attach gdb to it? Or to run gcore? That way we could get a stacktrace and have some idea on where the bug is. Best regards, --Edwin ___ already did. we, who appreciate all the work the clamav team does for us will always do

Re: [clamav-users] Fwd: Re: AV timeout?

2011-06-29 Thread Török Edwin
On 2011-06-29 17:01, Michael Scheidell wrote: > > > On 6/29/11 9:24 AM, Michael Scheidell wrote: >> Ok, so not just me. >> >> I am going to ask Ralf Hildebrandt what version of os he is using. >> maybe we can track this down. >> > so, it's not just on amd64, freebsd 7.3. > he answered this: > >>

Re: [clamav-users] 0.97.1 rumor pile? bad safebrowsing update file?

2011-06-29 Thread Michael Scheidell
On 6/28/11 3:23 PM, Török Edwin wrote: Maybe this one: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=bbfe830c935837cfc357541cb307a7b863394abb;hp=d9ff9e65080d7c70de722e174d365d3b2cb312d3 But it survived a full regression test here (Linux/amd64). Will go through the code again

Re: [clamav-users] Fwd: Re: AV timeout?

2011-06-29 Thread Michael Scheidell
On 6/29/11 9:24 AM, Michael Scheidell wrote: Ok, so not just me. I am going to ask Ralf Hildebrandt what version of os he is using. maybe we can track this down. so, it's not just on amd64, freebsd 7.3. he answered this: freebsd? amd64? what version of Freebsd? Debian Linux Testing, i38

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Mihamina Rakotomandimby
> On Wed, 29 Jun 2011 12:45:37 +0300 > Henrik K wrote: > So your users receive a lot of legitimate exes? Nope, exes are zipped -- RMA.

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Bryan Burke
> Seriously! Why not have the user shut down his mail system entirely. > That would pretty much ensure that no Virus or Malware is delivered via > SMTP. > > Your suggestion is only feasible if the user never wants to receive any > executable or archived file formats. Assuming that they do, a better >

[clamav-users] Fwd: Re: AV timeout?

2011-06-29 Thread Michael Scheidell
Ok, so not just me. I am going to ask Ralf Hildebrandt what version of os he is using. maybe we can track this down. Original Message Subject:Re: AV timeout? Date: Wed, 29 Jun 2011 09:36:20 +0200 From: Ralf Hildebrandt To: * Michael Scheidell: Is there

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Jan-Pieter Cornet
On 2011 Jun 29, at 12:49 , Joel Esler wrote: > If you have a sample of the file, submitting it through ClamAV's submission > interface makes it "bubble up" so the rule writers can get to it faster. Or if you're lucky and it's the exact same file every time, you can trivially create your own sign

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Michael Scheidell
I think he should demand all his money back. -- Michael Scheidell, CTO SECNAP Network Security -Original message- From: Joel Esler To: ClamAV users ML Sent: Wed, Jun 29, 2011 10:50:25 GMT+00:00 Subject: Re: [clamav-users] Virus not detected by Clamav If you have a sample of the file,

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread TR Shaw
On Jun 29, 2011, at 7:58 AM, polloxx wrote: > On Wed, Jun 29, 2011 at 12:49 PM, Joel Esler wrote: >> If you have a sample of the file, submitting it through ClamAV's submission >> interface makes it "bubble up" so the rule writers can get to it faster. >> >> (instead of waiting for it to come

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread polloxx
On Wed, Jun 29, 2011 at 12:49 PM, Joel Esler wrote: > If you have a sample of the file, submitting it through ClamAV's submission > interface makes it "bubble up" so the rule writers can get to it faster. > > (instead of waiting for it to come through Virustotal) > Joel, I did that yesterday.

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Jerry
On Wed, 29 Jun 2011 13:12:30 +0300 Török Edwin articulated: > On 2011-06-29 13:04, polloxx wrote: > > On Wed, Jun 29, 2011 at 11:45 AM, Henrik K wrote: > >> On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby > >> wrote: > On Wed, 29 Jun 2011 11:24:24 +0200 > polloxx wrot

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Joel Esler
If you have a sample of the file, submitting it through ClamAV's submission interface makes it "bubble up" so the rule writers can get to it faster. (instead of waiting for it to come through Virustotal) J On Jun 29, 2011, at 5:24 AM, polloxx wrote: > Dear, > > One of our customers got a viru

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread TR Shaw
On Jun 29, 2011, at 6:04 AM, polloxx wrote: > On Wed, Jun 29, 2011 at 11:45 AM, Henrik K wrote: >> On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby wrote: On Wed, 29 Jun 2011 11:24:24 +0200 polloxx wrote: >>> Are there other users with the same problem? Any solut

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Török Edwin
On 2011-06-29 13:04, polloxx wrote: > On Wed, Jun 29, 2011 at 11:45 AM, Henrik K wrote: >> On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby wrote: On Wed, 29 Jun 2011 11:24:24 +0200 polloxx wrote: >>> Are there other users with the same problem? Any solution? >>> >>

Re: [clamav-users] 0.97.1 rumor pile? bad safebrowsing update file?

2011-06-29 Thread G.W. Haywood
Hi there, On Wed, 29 Jun 2011 Jerry wrote: > I have a FreeBSD-8.2/amd64 that runs the latest version of Clamav > without any serious problems. From time to time it does suddenly > die... Would you share with us your definition of "serious problems"? -- 73, Ged.

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread polloxx
On Wed, Jun 29, 2011 at 11:45 AM, Henrik K wrote: > On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby wrote: >> > On Wed, 29 Jun 2011 11:24:24 +0200 >> > polloxx wrote: >> >> > Are there other users with the same problem? Any solution? >> >> I have the same problem. >> I manage a m

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Henrik K
On Wed, Jun 29, 2011 at 12:27:46PM +0300, Mihamina Rakotomandimby wrote: > > On Wed, 29 Jun 2011 11:24:24 +0200 > > polloxx wrote: > > > Are there other users with the same problem? Any solution? > > I have the same problem. > I manage a mail server used by a vendor of DHL. > > Pretty annoying a

Re: [clamav-users] Virus not detected by Clamav

2011-06-29 Thread Mihamina Rakotomandimby
> On Wed, 29 Jun 2011 11:24:24 +0200 > polloxx wrote: > Are there other users with the same problem? Any solution? I have the same problem. I manage a mail server used by a vendor of DHL. Pretty annoying as far as all emails from DHL are sensible and important for the users :-) Unfortunately, I

[clamav-users] Virus not detected by Clamav

2011-06-29 Thread polloxx
Dear, One of our customers got a virus not detected by Clamav: dhl-express-prtcopy-Delivery-Failure-Notification-HXZsVlN[...].exe A fake DHL non-delivery report. Other engines do detect it: BitDefender 7.2 2011.06.27 Trojan.Zbot.1911 F-Secure 9.0.16440.0 2011.06.27 Trojan.Zbot.1911 Kaspersky