>> [root@fantastic Test]# clamscan ../Virus/Purchase\ Order123.iso
>> ../Virus/Purchase Order123.iso: Purchase Order123.com.UNOFFICIAL FOUND
>
> You are using some unofficial signatures, and this one has already
detected that file as infected, so no additional signatures will be checked.
If you
> What do you mean by missing? It's still in my database...
>
> $ sigtool -fWin.Trojan.Agent-6480597-0
> [daily.hsb]
4c26f2d46400405f253c26e85ceadd51:507904:Win.Trojan.Agent-6480597-0:73
>
> Added by daily 24409 on or about 21 March.
This is the file which is being detected before. Now it is not
Hi,
I noticed that signatures are missing. Is this normal?
An example.
Purchase Order123.iso: Win.Trojan.Agent-6480597-0 FOUND
Regards
nic
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mai
>
> http://www.rarlab.com/rar/unrarsrc-5.0.7.tar.gz
>
> ignorants
Calling yourself?
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Hmmm. Isn't there a libunrar?
Regards
Nic
On 9 Jul, 2013, at 11:34 PM, "Joel Esler" wrote:
> We're just going to have to recommend that you build from source on Fedora.
> We'll have to put something on the website about it. The maintainers for
> Fedora will not build unrar into Fedora as it
Hi,
Just putting across that rar is not a requirement and it is not supported. Only
unrar is, and it is not incorporated in the 0.97.8 epel build.
Thanks
Nic
Regards
Nic
On 8 Jul, 2013, at 11:49 PM, "Dennis Peterson" wrote:
> On 7/8/13 8:39 AM, Nicholas Chua wrote
removed by the package maintainer (even though support for rar is still
> included in the clamav code) after we released 0.97.8 and the package
> maintainer updated the package
> 11:32 < nirik> until recently there was no rar support in fedora or epel.
>
>
> On Mon, Jul 8,
> > It is not built in the Fedora RPMBuild process as a result. I build
> > my own RPM files and don't include it either.
Would you share your rpm or src with me?
> unrar is free, rar is paid, why the heck rpm have precompiled problems
> is beyong me
I wonder why epol Packager does not enabled
> > Don't seem to have that library
>
> compiled from source ?
>
> its part of clamav this lib
>
> maybe just have an old lib that is not working with 0.97.8 installed ?
>
> clamconf shows imho compile options, cant remember if it can be
> disabled, since i use gentoo where it works
installed
> > > Did i missed out anything?
> >
> > clamconf output ?
> >
> > search for libunrar
Don't seem to have that library
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.cl
Hi,
I had recently upgrade to 0.97.8 and having problem scanning a virus within rar
clamscan test.rar
test.rar: OK
If i uncompress it.
clamscan Label_test.exe
test.exe: Win.Trojan.PSW-13 FOUND
I have enabled the below in clamd.conf
ScanArchive yes
ScanPE yes
Did i missed out anything?
regar
>I'm sorry to hear that you totally ignored that really important thing
>to us, Nicholas. I have the last question to you: Why did you buy
>www.clamav.org and what was your intention in doing it ?
I am not kidding. Certain parts of Malaysia are still in thick jungles. The
place i am in has electr
> On Thu, 11 Dec 2003 at 0:47:57 +0800, Nicholas Chua wrote:
> > The domain clamav.org is not registered anymore. I did not mantain the
> > domain since a few months back after I was posted to Malaysia 2 months
ago.
> >
>
> It's a pity that you didn't infor
> At 08:47 AM 12/10/2003, Nicholas Chua wrote:
> >The domain clamav.org is not registered anymore. I did not mantain the
> >domain since a few months back after I was posted to Malaysia 2 months
ago.
>
> well, clearly the domain *is* registered, as it's reachable and the
The domain clamav.org is not registered anymore. I did not mantain the
domain since a few months back after I was posted to Malaysia 2 months ago.
regards
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or
W.D. McKinney wrote:
> Is the MSBlast worm in clamav db2 yet ?
> http://clamav.elektrapro.com/cgi-bin/sendvirus.cgi does not show it ?
If i am not wrong, it is been detected as Worm.Blaster.A
---
This SF.Net email sponsored by: Free pre-built
>Anybody can detect this virus using clamscan command >line?
This virus is Worm.Sobig.C which is already detected by ClamAV. You might be
interested in amavisd-new.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
someone help me
to verify it?
thanks & regards
nicholas chua
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
> I actually use spamassasin. This is the shell script in
> qmail-queue:
> #!/bin/sh
> /opt/spamassassin/bin/spamc -f | /var/qmail/bin/qmail-queue.orig
>
> It works like a charm. But now, I want to use clamav. It´s installed
> and the daemon is running.
>
What i did was to install clamav and spamm
Hi Jason,
> > After removing the signature for Worm.Nicehello.A everthing works again
> > as before.
>
> I don't know why that might happen, but try this one instead:
>
> Worm/NiceHello
(Clam)=c142d43b0b6f6c612cd3200d51df54126f20656c20b667d1d7ba6f096675656e16710
61d70ad8af606816574692925dededeba61
> deferral: 1.2.3.4_failed_after_I_sent_the_message./Remote_host_said:_451
> _qq_temporary_problem_(#4.3.0)/
> I am using clamscan 0.54 with qmail and qmailscanner:
> X-Qmail-Scanner-1.15:[] clam_scanner: corrupt or unknown ClamAV
> scanner/resource problems - exit status 50
The solution for this
> What is your clamav version ? Do you know the exact date when that
happened ?
I think its 23rd June .
Checking for a new database - started at Mon Jun 23 10:16:21 2003
viruses.db is up to date.
ERROR: The checksum of viruses.db2 database isn't ok. Please check it
yourself o
r try again.
> Jun 30 10:13:14 mail X-Qmail-Scanner-1.16:
[mail.mydomain.com10569823944261775] clam_scanner: corrupt or unknown ClamAV
scanner error or
> memory/resource/perms problem - exit status 50
If i am not wrong, this question should be asked in the qmail maillist.
Anyway, increase your softlimit to a
> I caught it in my Antivirus/File blocking procmail filters, which is how I
> know it got through.
Have you updated your virus def/sig using freshclam? The sig was added some
days back.
> Since I have NO idea how to write an effective signature rule, any chance
> one of you more knowledgeable ty
> Looks like it is catching it today!
> Thanks
If you like, sign up [EMAIL PROTECTED] maillist. Whenever a new
sig is added, you will be informed.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [E
> my qmail just went down this morning
> and it leave this error msgs at smtp log:
>
> @40003ef654c7299bb1fc
X-Qmail-Scanner-1.16:[ns.ck-pttuntex.com10563309394263276] clam_scanner:
corrupt or unknown ClamAV scanner error or memory/resource/perms problem -
exit status 50
>
> and in the clie
> If I already have clamav installed and want to install a new snapshot, do
> i just install it like normal and it will overwrite old files? Thanks.
>
That will be alright.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For addi
The files which i submitted to the virus ml. These files are detected by
norton as Js.Fortnight.
regards
Steven J. Reilly writes:
What files??
Steve
On Tue, 2003-06-17 at 10:32, Nicholas Chua wrote:
> I'm not totally convinced.
>
> The files reporting the Exploit.IFRAME
> I'm not totally convinced.
>
> The files reporting the Exploit.IFRAME.Generic virus are Mozilla cache
> files from Dec 2001 (archived data) and were "OK" last week.
> Now I have over a dozen of them.
> Norton does not find a virus in the same files.
I still do have the files. If you want, i can
> I appear to be getting a large number of false reports of
> Exploit.IFRAME.Generic in old Mozilla and Netscape cache files after the
> db update on Friday.
That means you are hit by the JS.FORTNIGHT virus. Norton Antivirus picked
them up on my emails when that sig was not added into the db.
--
> It's a bit confused here, from the http://www.clamav.org/snapshot/
> the most recent seem to be clamav-20030317.tar.gz, but I have here a
> snapshot clamav-20030331.tar.gz.
>
Please use the snapshot clamav-20030605.tar.gz from
http://clamav.elektrapro.com. I am in the mist of updating clamav.or
use the lastest snapshot. 0.54 and below do not have the mirror.txt
- Original Message -
From: "Ed Greenberg" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 11, 2003 12:35 AM
Subject: Re: [clamav-users] mirrors.txt
> My /usr/local/share/clamav contains only viruses.db
Well, I have the same problem too.
Symantec Email Proxy deleted the following email message:
From: "Diego d'Ambra" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: RE: [clamav-users] FortNight virus
I got this reply from norton after i enable email scanning immediately after
Fajar wrote his
Please ignore the previous email. i found the
solution in the archives. sorry.
regards
Hi list
had tried to make version 0.54 and encountered the following error.
In file included from
zziplib/zzip-dir.c:15:zziplib/zzip-file.h:20:18: zlib.h: No such file or
directorymake[1]: *** [zzip-dir.lo] Error 1make[1]: Leaving directory
`/var/src/clamav-0.54/libclamav'make: *** [all-
any idea?
[EMAIL PROTECTED] root]# freshclamChecking for a new
database - started at Fri Oct 11 19:00:42 2002Current working dir is
/usr/local/share/clamavConnected to clamav.elektrapro.com.Reading md5
sum (viruses.md5): ERROR: Malformed md5 checksum detected.ERROR: Can't get
viruses.md5 s
Tomasz Kojm wrote:
>> can anyone tell if the 0.51 works with qmail-scanner 1.14?
>
> Yes, it works. The softlimit should be about 10 Mb.
I realised as the database gets bigger it requires more. I am using 16mb now
with about "Known viruses: 2146"
-
37 matches
Mail list logo
