Re: [clamav-users] ERROR: VirusEvent: fork failed.

2020-02-16 Thread Ángel via clamav-users
On 2020-02-11 at 16:57 +, Mickey Sola (micksola) via clamav-users wrote: > Wanted to add a bit of insight to this convo from the dev side of > things: > > VirusEvent currently works by forking the existing clamd process into > a new, short-lived process that handles execution of the user's > s

Re: [clamav-users] Input Stream Scanning for very large files

2019-02-03 Thread Ángel
On 2019-01-25 at 18:43 -0800, Dennis Peterson wrote: > You can easily use the unix split command and cat to scan files of any size. > Or > use perl to break stream file segments to the stream. The first file in a > split > or segment contains the file time and will need to be concatenated to th

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-04 Thread Ángel
On 2018-12-03 at 09:58 -0800, Dennis Peterson wrote: > If it is a big concern you can use the split command to create > "splits" of the suspect file. Split accepts various size arguments > (bytes, lines...) and will create as many files as it takes to split > the entire large file. These can be sca

Re: [clamav-users] TCP FIN Packet Received Before Data

2017-05-09 Thread Ángel
On 2017-05-09 at 11:43 -0400, Cory Parrish wrote: > After analyzing the pcap file I realized that NodeJs is sending the FIN > packet behind the scenes when it has finished streaming the data to the > socket. In an attempt to rule out any issues with clamav, I removed > streaming and read the entire

Re: [clamav-users] Swf.Exploit.CVE_2015_3102 FP

2015-08-21 Thread Ángel González
Al Varnell wrote: > I’ve had three users report browser cache files indicating > Swf.Exploit.CVE_2015_3102 infection. All were logging into PayPal at > the time. > My first doubt was wether they were logging into the legitimate PayPal site,

Re: [clamav-users] Malware in an Icedove profile of mine cannot be located

2015-08-21 Thread Ángel González
ame...@amenex.com wrote: > The generation of these phantoms is also associated with password > changes recorded in emails received and moved to file folders. A > search on the Internet for "password 12/31/1969" reveals that > 12/31/1969 is the zero date for the linux perpetual calendar, Act