[clamav-users] Fwd: [clamav-virusdb] Signatures Published daily - 21467

Not sure exactly what this update was about (suspect a test), and perhaps I don’t have the correct Clamav.Text.File (s) but scanning the 0.99.1 source file I am still getting the following: > File Name Infection Name Status > /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_cach

Re: [clamav-users] Is ClamAV Community Threat Tracking System down?

Subject line was URL links on 3/17/2016. That was when Joel suggested the stats link should be removed. dp On 3/18/16 3:38 PM, Al Varnell wrote: Check the archives as I believe that was reported/discussed earlier. Sent from Janet's iPad -Al- On Mar 18, 2016, at 2:50 PM, Yuri Voinov wrote:

Re: [clamav-users] Is ClamAV Community Threat Tracking System down?

Afaik, this hasn't been up in a long time. We took it down, I thought, when we redid the website. -- Joel Esler iPhone On Mar 18, 2016, at 6:30 PM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: Subject line was URL links on 3/17/2016. That was when Joel suggested the stats link should

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

Those are normal messages for an update of this kind. The 21465.cdiff was purposely blank in order to force you to download the entire daily.cvd. Give it plenty of time as the main.cvd is 109MB. Technical details: -

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

Sorry - didn't intend to send this to the list. On 3/17/16 12:02 AM, Dennis Peterson wrote: sigtool --unpack=main.cvd rm -f main.cvd grep EICAR main.* main.hdb:44d88612fea8a8f36de82e1278abb02f:68:Win.Test.EICAR_HDB-1 main.hsb:275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f:68:

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

I’m still looking, but so far I can’t find any Win.Trojan.Trojan signatures in the ClamAV Official database or listed in clamav-virusdb e-mail list. Nor can I confirm your results using my own EICAR. Are you using any Unofficial signatures from a different source? -Al- On Wed, Mar 16, 2016 a

Re: [clamav-users] FYI clamdmon not working - due to change in Eicar name

Hopefully this is just a bug as the eicar test file isn't really a "win" test; it's just a text file. I imagine many people will have scripts and test routines set up which expect the name "Eicar-Test-Signature" - I know I do! Is there any way this can be changed back or does everyone have to u

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

I don’t know why sanesecurity-porcupine.ndb is causing this, but I can now see that the signatures for Win.Test.EICAR_LDB-1 and Win.Trojan.Trojan-605 are identical, so this is an FP situation which would be reported.

Re: [clamav-users] no new signatures

On 03/18/2016 10:01 AM, Steve Basford wrote: > > On Fri, March 18, 2016 2:05 pm, Helmut Hullen wrote: >> Hallo, polloxx, >> >> >> Du meintest am 18.03.16: >> >> >>> Fri Mar 18 14:34:15 2016 -> ClamAV update process started at Fri Mar >>> 18 14:34:15 2016 >>> Fri Mar 18 14:34:15 2016 -> WARNING: Yo

[clamav-users] Is ClamAV Community Threat Tracking System down?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi gents, http://www.stats.clamav.net is not responding either via HTTP or HTTPS. Is ClamAV Community Threat Tracking System down? WBR, Yuri -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJW7HgJAAoJENNXIZxhPexGxEcIAJTx9xq/

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

Yeah, the sanesecurity sigs. Moving them out, causes Win.Test.EICAR_NDB-1 FOUND to be found. Which I assume is the new name. Not sure why the update is suddenly causing the SaneSecurity sigs to get checked first. I'll track it down. -J On Wed, Mar 16, 2016 at 9:32 PM, Al Varnell wrote: > I’m

Re: [clamav-users] New ClamnAV database....test results for Clamwin

Thanks for the feedback! -- Joel Esler iPhone On Mar 17, 2016, at 4:55 AM, Groach mailto:groachmail-stopspammin...@yahoo.com>> wrote: For your info: I run Clamwin, with the additional Clamd, and supplemented with Sane security definitions. I was VERY apprehensive about today and the pessami

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

Culprit seems to be sanesecurity-porcupine.ndb ( http://sanesecurity.com/usage/signatures/). Moving it out causes Win.Test.EICAR_NDB-1 FOUND to be found, moving it back in triggers the Win.Trojan.Trojan-605 FP. Since the Win.Trojan.Trojan sig isn't in the DB I'm not sure why that is. -J On Wed, M