On Wed, Jul 12, 2017 at 3:02 PM, Alain Zidouemba
wrote:
> Signature will be going out shortly.
It's now detected thanks to the amazing work by Steve from
sanesecurity. Also appreciate your help - perhaps his sig just hits
first.
I've also just submitted another unrelated to investigate.
$ sha1s
Signature will be going out shortly.
On Wed, Jul 12, 2017 at 2:52 PM, Alex wrote:
> Hi, we've received a Word virus that isn't currently being detected by
> any scanners. I've submitted the FN, but would like to see if we can
> get that pushed out as soon as possible.
>
> $ sha1sum Invoice_SKMBT
Hi, we've received a Word virus that isn't currently being detected by
any scanners. I've submitted the FN, but would like to see if we can
get that pushed out as soon as possible.
$ sha1sum Invoice_SKMBT_20170501.doc
6cc1dd12fbc79311ebaf59e19e562ff63141f457 Invoice_SKMBT_20170501.doc
It's not c
and what about "You can also use sigtool --find-sigs to find the
signature that it's reporting and isolate it"? why does it need 5 emails
for everything piece by piece?
On 12.07.2017 at 15:50, Srinivasreddy R wrote:
Hi Maarten,
Thank you for the reply.
I have extracted the tar file, checked
Hi Maarten,
Thank you for the reply.
I have extracted the tar file, checked for md5 hash of the infected file in
the hash DB but it's not present.
clamscan -i ./
./newdat3.log: Win.Exploit.Shellcode-2 FOUND
./malware.zip: Eicar-Test-Signature FOUND
./scan19.tar.gz: Win.Exploit.Shellcode-2 FOUND
Sorry for the double reply...
You can also use sigtool --find-sigs to find the signature that it's
reporting and isolate it.
On Wed, Jul 12, 2017 at 8:59 AM, Maarten Broekman <
maarten.broek...@gmail.com> wrote:
> If the tarball doesn't match the MD5 hash then it's likely that a file
> within th
If the tarball doesn't match the MD5 hash then it's likely that a file
within the tarball matches the malicious MD5. ClamAV looks at all the files
within tarballs and zip files individually as well as the tarball as a
whole.
--Maarten
On Wed, Jul 12, 2017 at 8:44 AM, Srinivasreddy R <
srinivasred
Hi All,
I have converted main.cvd to md5 hash database.
I have downloaded a file : wget
http://old.honeynet.org/scans/scan19/scan19.tar.gz
and when I scan with clamscan it is detecting threat in the tar file.
I am not able to find md5 hash of the tar file downloaded in md5 hash
database create
On Wed, 12 Jul 2017 10:54:25 +0200
Reindl Harald wrote:
> On 12.07.2017 at 10:09, Bob Williams wrote:
> > I installed clamav from the openSUSE repositories. Every few days,
> > the openSUSE update repository offers an updated version of the
> > clamav-database
>
> that packages are pretty non
On Wed, 12 Jul 2017 01:45:29 -0700
Al Varnell wrote:
> > Which update method is best, and if it's freshclam, how do I get it
> > to notify clamd?
> >
> > Regards, Bob
>
> There are normally three updates per day (every 8 hours) so running
> freshclam at least daily will clearly be best if you
On 12.07.2017 at 10:09, Bob Williams wrote:
I installed clamav from the openSUSE repositories. Every few days, the openSUSE
update repository offers an updated version of the clamav-database
that packages are pretty nonsense when you have freshclam running and
only useful on setup without i
On Wed, Jul 12, 2017 at 01:09 AM, Bob Williams wrote:
>
> I installed clamav from the openSUSE repositories. Every few days, the
> openSUSE update repository offers an updated version of the clamav-database,
> which I download.
>
> OTOH, I see that freshclam also runs, but the logs say:
>
> 08
I installed clamav from the openSUSE repositories. Every few days, the openSUSE
update repository offers an updated version of the clamav-database, which I
download.
OTOH, I see that freshclam also runs, but the logs say:
08:59 bob@blackbox:~> journalctl -u freshclam
-- Logs begin at Wed 2017-0