Re: [clamav-users] clamd taking too long to restart?

2013-08-14 Thread A K Varnell
On Aug 14, 2013, at 1:54 PM, Joel Esler wrote: > On Aug 14, 2013, at 2:34 PM, Steve Basford > wrote: > >>> We'll also review if code changes are appropriate, but given how the tree >>> operates, I don't immediately expect that to be the case. >> >> Out of interest are there any "roadmaps"/futu

Re: [clamav-users] clamd socket permissions

2013-07-31 Thread A K Varnell
On Jul 31, 2013, at 1:22 PM, Bob Miller wrote: > > I realize seeing this that the list rules are not to top post, yet my > very first reply to this list that is exactly what I did. What list rules would that be? -Al- -- Al Varnell Mountain View, CA ___

Re: [clamav-users] Janicab Definitions

2013-07-26 Thread A K Varnell
Thanks, I'm seeing them at this time. -Al- On Jul 25, 2013, at 7:25 AM, Alain Zidouemba wrote: > Updated signatures with the coverage you are looking for will be released > shortly. > > Thanks, > > - Alain > > > On Thu, Jul 25, 2013 at 2:50 AM, A K Varnel

[clamav-users] Janicab Definitions

2013-07-24 Thread A K Varnell
A definition was added today (Wednesday) for Win.Trojan.Janicab which I assume is based on the malware described by F-Secure on Tuesday . The OS X version of Janicab was announced by F-Secure over a week before on July 15

[clamav-users] Fwd: clamav-mirror.sonic.net

2013-07-08 Thread A K Varnell
Ryan, A couple of us have been dealing with the 69.12.162.28 mirror. It doesn't seem to be included on the mirror status page and it often fails and appears to be off-line. Joel once said that it was not in the rotation, but it keeps showing up in mine. The OP I referred to has posted a link t

Re: [clamav-users] clamav-mirror.sonic.net

2013-07-02 Thread A K Varnell
On Oct 12, 2012, at 7:49 AM, Joel Esler wrote: > On Oct 11, 2012, at 3:45 AM, Al Varnell wrote: >> I think it may be time to decommission this US Mirror, which is located only >> a few miles away from my location and has been a problem for years. It >> doesn't seem to be listed any more on the s

Re: [clamav-users] It's Clamav free for comercial use

2013-06-11 Thread A K Varnell
On Jun 11, 2013, at 4:32 PM, david oberti wrote: > I everyone I just want to know if it's free to use in a company thanks!. >> ClamAV User Manual, ⃝c 2007 - 2013 Sourcefire, Inc. Authors: Tomasz Kojm >> This document is distributed under the terms of the GNU General Public >> License v2. >> >

[clamav-users] OSX.Trojan.KitM

2013-05-23 Thread A K Varnell
Subject definition appeared in a update a day or two ago and but I could not find any announcement of it on the ClamAV VirusDB list. Now it seems to have disappeared, despite this article in today's SANS Newsletter: > Title: Mac spyware found at Oslo freedom forum > Description: During a demonst

Re: [clamav-users] Investigating false positive

2013-05-13 Thread A K Varnell
On May 13, 2013, at 9:47 AM, Lee Graber wrote: > I am investigating a document which seems to be getting flagged by clamav > as having a virus but I am not sure this is accurate. It is actually a > document about a virus and I am wondering if there is something in it that > perhaps describes the

Re: [clamav-users] Many virus/malware samples for ClamAV

2013-04-17 Thread A K Varnell
On Apr 17, 2013, at 1:56 AM, Stanislav Petr wrote: > Hello, > > We are a wen hosting company and we are using clamav to detect malware on > customers websites (PHP trojans, remote shells, …). Now we try to manually > scan all domains (over 20 000) with other antivirus software (AVG, F-PROT) > an

Re: [clamav-users] Help with clamscan 0.97.7 and mbox files

2013-04-10 Thread A K Varnell
On Apr 10, 2013, at 4:59 PM, A K Varnell wrote: > On Apr 10, 2013, at 4:41 PM, Scott Ehrlich wrote: > >> You may be correct, though recalling my command-line options, including >> verbose mode, the mbox file is very large, yet the scan took just a few >> seconds.

Re: [clamav-users] Help with clamscan 0.97.7 and mbox files

2013-04-10 Thread A K Varnell
On Apr 10, 2013, at 4:41 PM, Scott Ehrlich wrote: > You may be correct, though recalling my command-line options, including > verbose mode, the mbox file is very large, yet the scan took just a few > seconds. Then you'll need to change: --max-filesize=#n Extract and scan at mo

[clamav-users] Mirror Issues

2013-04-10 Thread A K Varnell
In the past I've addressed most of my ClamAV® Database mirror issues directly with luca. Is there someone else I should be working with or post to the list? And speaking of Luca, he's still listed as administrator at the bottom of all the ClamAV Mailing Lists

Re: [clamav-users] W32/Autorun.worm.aaeh not found in ClamAV ?

2013-04-08 Thread A K Varnell
I'm sure it would help the team if you could provide the file name and MD5 hash of what you submitted. -Al- -- Al Varnell Mountain View, CA On Apr 8, 2013, at 1:45 AM, Zvi Kave wrote: > > Hi, > > I can not understand why the dangerous virus called W32/Autorun.worm.aaeh by > McAfee > can