Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Steve Basford
, here's a sample I received 8 hours ago... https://www.virustotal.com/en/file/bb35fa3b86bef9b8ede7bb1690c8aaf486405392538a8f9edff2195158f73e2c/analysis/1444814562/ Currently: 4 out of 54 scanners find it (this was 8 hours later) Was automatically added to rogue.hdb (within the hour of rece

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Hartmann, Jan
HI rajesh, thanks for the rules, solved it for me Mit freundlichen Grüßen / Best Regards i. A. Jan Hartmann IT Administrator Groupware phone: +49 2371 820 298 fax: +49 2371 211 443 e-mail: j.hartm...@kirchhoff-automotive.com KIRCHHOFF Witte GmbH c/o KIRCHHOFF Automotive GmbH Stefanstrasse

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Gene Heskett
On Wednesday 14 October 2015 04:27:08 Rajesh M wrote: > steve > > i am writing this on the basis of the experience of over 18500 > corporate users -- and they have no complaints at all. > > basically people sending all these different file exe, jar and other > forbidden extensions directly or with

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Rajesh M
steve i am writing this on the basis of the experience of over 18500 corporate users -- and they have no complaints at all. basically people sending all these different file exe, jar and other forbidden extensions directly or within zip rar etc are 99.999 percent spammers / botnet the only peo

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Hartmann, Jan
The maleware is not known atm only 12 ‎virusscanner on Virus total detect it. The spam wave hit us yesterday and caused a massiv internal spamwave. Gesendet von meinem BlackBerry 10 Mit freundlichen Grüßen / Best Regards i. A. Jan Hartmann IT Administrator Groupware phone: +49 2371 820 298

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Al Varnell
Just a quick reminder that the foxholedb is unofficial and not something that should normally be discussed in this e-mail list. Steve is kind enough to intercept these request, but they really should be brought to his attention directly . That being said, I

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Steve Basford
On Wed, October 14, 2015 7:37 am, Rajesh M wrote: > > Sanesecurity.Foxhole.7z:CL_TYPE_7Z > Sanesecurity.Foxhole.Rar:CL_TYPE_RAR etc.. Hi rajesh, Yep, the above will work... but could cause high FP's for some people which they might find unacceptable, depending on their setup. If anyone has a ni

Re: [clamav-users] Trouble with foxhole

2015-10-14 Thread Steve Basford
On Wed, October 14, 2015 7:23 am, Hartmann, Jan wrote: > > > Hi, > Today we had a lot problems with exe files hidden in zip archives > > > I tried to add the foxholedb to our clamav, but sadly it didn’t > recognize the exe in the zip. > > > clamscan --database=/var/lib/clamav/foxhole_generic.cd