On Tue, 31 May 2005 at 9:57:13 -0700, Todd Lyons wrote:
> Odhiambo Washington wanted us to know:
>
> >> Please, set the "Debug" flag in your clamd.conf, rescan the sample, and
> >> send
> >> us the logs.
> >I cannot do that on the box where this phenomena is manifesting itself
> >because it's a
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [20050531 20:09]: wrote:
> Todd Lyons wrote:
> > Odhiambo Washington wanted us to know:
> >
> >>> Please, set the "Debug" flag in your clamd.conf, rescan the sample,
> >>> and send us the logs.
> >> I cannot do that on the box where this phenomena is manifes
* Todd Lyons <[EMAIL PROTECTED]> [20050531 21:19]: wrote:
> Odhiambo Washington wanted us to know:
>
> >Someone said I have disabled ScanPE, which is correct. It's apparent
> >that this was a major factor. It also appears that restarting clamd
> >was necessary. I however don't understand why it sh
Odhiambo Washington wanted us to know:
>Someone said I have disabled ScanPE, which is correct. It's apparent
>that this was a major factor. It also appears that restarting clamd
>was necessary. I however don't understand why it should be, since
>freshclam does notify it...
Notify it of a new data
* Fajar A. Nugraha <[EMAIL PROTECTED]> [20050531 18:52]: wrote:
> Odhiambo Washington wrote:
>
> >tried it though, and I have the file - image.zip, and some output
> >from the debug file - current.txt, posted here:
> >
> >http://ns2.wananchi.com/~wash/Clamav/
> >
> >
> >
> It's OK here. clamdscan
* Securiteinfo.com <[EMAIL PROTECTED]> [20050531 19:33]: wrote:
> Le mardi 31 Mai 2005 17:29, Odhiambo Washington a écrit :
> > * Securiteinfo.com <[EMAIL PROTECTED]> [20050531 16:27]: wrote:
> > > Le mardi 31 Mai 2005 14:58, Odhiambo Washington a écrit :
> > > > * Christopher X. Candreva <[EMAIL P
Todd Lyons wrote:
> Odhiambo Washington wanted us to know:
>
>>> Please, set the "Debug" flag in your clamd.conf, rescan the sample,
>>> and send us the logs.
>> I cannot do that on the box where this phenomena is manifesting
>> itself because it's a production box, processing large volumes of
>>
Odhiambo Washington wanted us to know:
>> Please, set the "Debug" flag in your clamd.conf, rescan the sample, and send
>> us the logs.
>I cannot do that on the box where this phenomena is manifesting itself
>because it's a production box, processing large volumes of mail. I'll
Very quickly, do t
Le mardi 31 Mai 2005 17:29, Odhiambo Washington a écrit :
> * Securiteinfo.com <[EMAIL PROTECTED]> [20050531 16:27]: wrote:
> > Le mardi 31 Mai 2005 14:58, Odhiambo Washington a écrit :
> > > * Christopher X. Candreva <[EMAIL PROTECTED]> [20050531 15:31]: wrote:
> > > > On Tue, 31 May 2005, Odhiamb
Odhiambo Washington wrote:
tried it though, and I have the file - image.zip, and some output
from the debug file - current.txt, posted here:
http://ns2.wananchi.com/~wash/Clamav/
It's OK here. clamdscan detects both (0.85.1 on Gentoo x86).
Have you tried restarting clamd (perhaps it's not
* Securiteinfo.com <[EMAIL PROTECTED]> [20050531 16:27]: wrote:
> Le mardi 31 Mai 2005 14:58, Odhiambo Washington a écrit :
> > * Christopher X. Candreva <[EMAIL PROTECTED]> [20050531 15:31]: wrote:
> > > On Tue, 31 May 2005, Odhiambo Washington wrote:
> > > > I am just wondering why clamscan right
Le mardi 31 Mai 2005 14:58, Odhiambo Washington a écrit :
> * Christopher X. Candreva <[EMAIL PROTECTED]> [20050531 15:31]: wrote:
> > On Tue, 31 May 2005, Odhiambo Washington wrote:
> > > I am just wondering why clamscan rightly detects the trojan in the mail
> > > while clamdscan doesn't.
> >
> >
* Christopher X. Candreva <[EMAIL PROTECTED]> [20050531 15:31]: wrote:
> On Tue, 31 May 2005, Odhiambo Washington wrote:
>
> > I am just wondering why clamscan rightly detects the trojan in the mail
> > while clamdscan doesn't.
>
> Check the output of clamscan -V and clamdscan -V -- make sure the
On Tue, 31 May 2005, Odhiambo Washington wrote:
> I am just wondering why clamscan rightly detects the trojan in the mail
> while clamdscan doesn't.
Check the output of clamscan -V and clamdscan -V -- make sure they report
the same database version number.
==
* Fajar A. Nugraha <[EMAIL PROTECTED]> [20050531 14:57]: wrote:
> Odhiambo Washington wrote:
>
> >Am I simply asking dumb questions??? Perhaps it would be better if
> >someone told me so. I need to figure out why these Trojans are getting
> >past clamd!!
> >
> >
> >
> Of course it's not dumb :)
>
Odhiambo Washington wrote:
Am I simply asking dumb questions??? Perhaps it would be better if
someone told me so. I need to figure out why these Trojans are getting
past clamd!!
Of course it's not dumb :)
What does the online scanner says?
Is the virus (preferably in the original mail forma
Am I simply asking dumb questions??? Perhaps it would be better if
someone told me so. I need to figure out why these Trojans are getting
past clamd!!
* Wash <[EMAIL PROTECTED]> [20050531 10:11]: wrote:
> 0.85.1 here ... Isn't this just interesting?
>
>
> 87$ clamdscan girls.zip
> /home/wash/
0.85.1 here ... Isn't this just interesting?
87$ clamdscan girls.zip
/home/wash/girls.zip: OK
--- SCAN SUMMARY ---
Infected files: 0
Time: 0.148 sec (0 m 0 s)
88$ clamscan girls.zip
girls.zip: Trojan.W32.PWS.Prostor.A FOUND
--- SCAN SUMMARY ---
Known viruses:
18 matches
Mail list logo
