Sample Submitted.
thanks
David
>
> Please submit a sample at http://www.clamav.org/sendvirus/
>
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
David Shrimpton wrote:
> Hi,
>
> Some viruses eg WScr.Unsafe.D for which a hexdump signature exists and
> which used to be detected by 0.91.2 are no
> longer detected by 0.93 .
Hi,
Please submit a sample at http://www.clamav.org/sendvirus/
> Thanks,
>
> This quote from the bugzilla posts is qui
A signature that detects WScr.Unsafe.D under 0.93 is below
HTML.WScr.Unsafe.D:3:*:22293b7362663d666c2e737562666f6c646572733b666f72287661726d79653d6e6577656e756d657261746f7228736266293b216d79652e6174656e6428293b6d79652e6d6f76656e6578742829296964643d6d79652e6974656d28293b6964733d6e65
create by:
0
Thanks,
This quote from the bugzilla posts is quite amusing:
"As for the official clamav signatures, please stand assured that when the new
code will be in the stable release, all the broken signatures will be properly
fixed."
--
David Shrimpton
On Fri, 2 May 2008, Steve Basford wrote:
>
>
> The implication of the above is that clamav 0.93 would now
> no longer detect many once prevalent viruses for which it
> only has hexdump signatures.
The whitespace change will cause slightly lower detection rates on some
Third Party sigs too (depending on the sig type)... unless the old sigs
a
Paul Bijnens wrote:
On 2007-03-07 02:16, Dennis Peterson wrote:
Paul Bijnens wrote:
On 2007-03-05 20:07, Dennis Peterson wrote:
Paul Bijnens wrote:
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
are no
On 2007-03-07 02:16, Dennis Peterson wrote:
> Paul Bijnens wrote:
>> On 2007-03-05 20:07, Dennis Peterson wrote:
>>> Paul Bijnens wrote:
>>>
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
a
Paul Bijnens wrote:
On 2007-03-05 20:07, Dennis Peterson wrote:
Paul Bijnens wrote:
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
are not really an improvement. In fact, it is probably dangerous!
The p
On 2007-03-05 20:07, Dennis Peterson wrote:
> Paul Bijnens wrote:
>
>>
>> Be careful about using clamav with the MSRBL image-spams database!!
>>
>> It seems to me like detecting the image spams with clamav signatures
>> are not really an improvement. In fact, it is probably dangerous!
>>
>> The pr
Dennis Peterson wrote:
How did you determine they were false positives? Their website does not
provide a context so you can't know if what you are seeing is a web
beacon image or a spacer.
I determine false positives very simply - If neither the sender nor the
intended recipient do not com
Paul Bijnens wrote:
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
are not really an improvement. In fact, it is probably dangerous!
The programs generating these spams make unique images with
variations
On 2007-03-03 05:52, Dennis Peterson wrote:
> This is an interesting list for what it shows. It is a list from the
> last 10,000 "viruses" caught here where there were 10 or more of a
> particular virus caught. Clearly most of them are not viruses at all but
> image spam and penny stock scams. Migh
Henrik Krohns wrote:
On Fri, Mar 02, 2007 at 09:28:13PM -0800, MrC wrote:
An upcoming amavisd-new release provides the ability to consider Phishing
scams, etc. as spam rather than viruses.
And it works great! Now the statistics look silly, so little real viruses
coming in..
Don't forget we'r
> This is an interesting list for what it shows. It is a list
> from the last 10,000 "viruses" caught here where there were
> 10 or more of a particular virus caught. Clearly most of them
> are not viruses at all but image spam and penny stock scams.
> Might be time to re-word the way the info
On Mon, 2005-08-01 at 23:52 +0530, Lingeshwar Pothani wrote:
> Dear All,
> We have installed and configured Clamscan in 2004. when i run
> /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
> it gives the following error in above log file
> ERROR: md5 sum not found on remote server
Lingeshwar Pothani said:
> Dear All,
> We have installed and configured Clamscan in 2004. when i run
> /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
> it gives the following error in above log file
> ERROR: md5 sum not found on remote server
> ERROR: Can't get viruses.md5 sum fro
Lingeshwar Pothani wrote:
Dear All,
We have installed and configured Clamscan in 2004. when i run
/usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
it gives the following error in above log file
ERROR: md5 sum not found on remote server
ERROR: Can't get viruses.md5 sum from
clam
Hi!
13-Янв-2005 14:28 [EMAIL PROTECTED] (Jason Hammerschmidt) wrote to
"'ClamAV users ML'" :
>> How and to whom I may submit this [virus] collection (some
>> archives) through email?
-^
JH> You submit virus samples through the website, see
JH> http://clamav.catt.com/cgi-bi
On Thu, 2005-01-13 at 20:42 +0300, Arkady V.Belousov wrote:
> Hi!
>
> I have small collection of some viruses (including some old ones, like
> Jerusalem and OneHalf). How and to whom I may submit this collection (some
> archives) through email?
If you need to send them through email specific
> How and to whom I may submit this [virus] collection (some
> archives) through email?
You submit virus samples through the website, see
http://clamav.catt.com/cgi-bin/sendvirus.cgi
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Wed, 28 Jan 2004 at 10:09:29 -0500, Jim Maul wrote:
>
> I am running clamav using the setup from www.qmailrocks.org.
> ClamAV 0.65
[...]
> I have a /var/spool/qmailscan/quarantine Maildir with about 50 emails in
> it all containing attachments of some sort. Manually looking at them, i
> can se
Jim Maul wrote:
I hope that there is someone that can help me with this, i have been going
quite crazy trying to figure it out myself.
I am running clamav using the setup from www.qmailrocks.org.
[...]
I have a /var/spool/qmailscan/quarantine Maildir with about 50 emails in
it all containing att
Hello Jim,
Wednesday, January 28, 2004, 10:09:29 PM, you wrote:
> I hope that there is someone that can help me with this, i have been going
> quite crazy trying to figure it out myself.
> I am running clamav using the setup from www.qmailrocks.org.
> ClamAV 0.65
> FreshClam output:
> ClamAV u
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:clamav-users-
> [EMAIL PROTECTED] On Behalf Of Jesse Guardiani
> Sent: 22. oktober 2003 15:43
> To: [EMAIL PROTECTED]
> Subject: [Clamav-users] viruses that forge from: and/or envelope
sender
> addresses
>
> Howdy list,
>
> Is there a
On Wed, 22 Oct 2003 at 9:42:34 -0400, Jesse Guardiani wrote:
>
> Is there a database anywhere that lists all the viruses
> that forge addresses?
>
> I'd like to prevent my server from sending out false
> notification messages.
>
Not all, just the most frequently met:
$viruses_that_fake_sender
Generally un-neccesary. Just check if the sending SMTP host matches the
from address for the domain. IN general practice, it would be a bad idea
to bounce messages back to a non-matching address.
Sundie...
Jesse Guardiani said:
> Howdy list,
>
> Is there a database anywhere that lists all the
-Original Message-
From: Jesse Guardiani
>Is there a database anywhere that lists all the viruses
>that forge addresses?
There may be, but can you react quickly to a new one?
>I'd like to prevent my server from sending out false
>notification messages.
I've come to the conclusion that i
27 matches
Mail list logo
