Am 29.12.2016 um 07:30 schrieb demonhunter:
Samples can be easily generated by creating a blank Word or Excel document,
creating an empty macro module with a single empty subroutine, and saving the
Word/Excel file as a .docm or .xlsm file. Scanning one of these brand new files
against a saved
Am 29.12.2016 um 03:54 schrieb Al Varnell:
Over 11,000 of them were dropped several days ago, but a few were added at the
same time. I have no idea what the status of those new ones are and maybe I've
lost track, but I believe only one of the new ones has been brought up here.
Since all sign
Am 29.12.2016 um 10:21 schrieb Reindl Harald:
Am 29.12.2016 um 03:54 schrieb Al Varnell:
Over 11,000 of them were dropped several days ago, but a few were
added at the same time. I have no idea what the status of those new
ones are and maybe I've lost track, but I believe only one of the new
o
How does one find out if there are multiple viruses in a single file?
The problem is to avoid a possibly harmless virus to mask severe infections.
Another problem, for users of older library versions, is how to know if the
pointer returned is an array of strings or a single string. Is this the
On Thu, December 29, 2016 9:32 am, Reindl Harald wrote:
>
>i would love to be able to *completly* exclude
>"daily.cld", "daily.cvd" and "main.cvd" and only update
>"safebrowsing.cvd"
daily.cvd and main.cvd are compressed versions of multiple databases...
eg. sigtool --unpack-current=daily
29/
I'm not dismissing anything. (Except the notion that I am dismissing things).
I know one of our guys is monitoring the list during the holiday. I'll ping
him.
--
Sent from my iPhone
> On Dec 29, 2016, at 7:07 AM, Groach
> wrote:
>
>> On 29/12/2016 09:32, Reindl Harald wrote:
>>
>>> Am 2
We are showing that all Toa signatures have been dropped. Please run freshclam
to drop the sigs.
--
Sent from my iPhone
> On Dec 29, 2016, at 8:03 AM, Joel Esler (jesler) wrote:
>
> I'm not dismissing anything. (Except the notion that I am dismissing things).
> I know one of our guys is m
Hello Alex,
> Wed Dec 28 19:05:52 2016 -> Downloading securiteinfo.hdb [*]
> Wed Dec 28 19:05:54 2016 -> WARNING: [LibClamAV] cli_loadhash: Problem
> parsing database at line 3416821
> Wed Dec 28 19:05:54 2016 -> WARNING: [LibClamAV] Can't load
> /var/lib/clamav/clamav-a0e1b3646bf0af582c18764ec2fd
Noted. Confirmed FP's no longer being reported.
(Still looking forward to the new improved QA system, and one that
doesnt require a mailing list uproar before the issues get identified).
On 29/12/2016 13:14, Joel Esler (jesler) wrote:
We are showing that all Toa signatures have been droppe
> On 29 Dec 2016, at 12:06 pm, Steve Basford
> wrote:
>
> In clamscan there is:
>
> --official-db-only[=yes/no(*)] Only load official signatures
>
> in clamd.conf there is:
>
> OfficialDatabaseOnly#Only loading official signatures.
>
> I suppose there could be a:
>
> --3rd-party-
On Thu, December 29, 2016 1:40 pm, Mark Allan wrote:
> It seems a little overkill to add a new feature for this. Couldn't you
> just delete the cvd/cld file and prevent freshclam from running? Or
> better yet, write a wrapper around freshclam so the update still takes
> place and then unpack the
On December 29, 2016 13:06:51 "Steve Basford"
wrote:
https://bugs.clamav.net/show_bug.cgi?id=11708
still ssl error
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us b
Am 29.12.2016 um 13:06 schrieb Steve Basford:
On Thu, December 29, 2016 9:32 am, Reindl Harald wrote:
i would love to be able to *completly* exclude
"daily.cld", "daily.cvd" and "main.cvd" and only update
"safebrowsing.cvd"
daily.cvd and main.cvd are compressed versions of multiple datab
Am 29.12.2016 um 14:40 schrieb Mark Allan:
On 29 Dec 2016, at 12:06 pm, Steve Basford
wrote:
In clamscan there is:
--official-db-only[=yes/no(*)] Only load official signatures
in clamd.conf there is:
OfficialDatabaseOnly#Only loading official signatures.
I suppose there could
Groach wrote:
> If I could exclude the Clam default
> signatures and just continue to use Sane then I would and then I could
> turn back on quarantining to make our systems safe again.
You can; turn off freshclam and delete the stock signature files.
Also make sure that you don't use the --off
On Thursday 29 December 2016 07:06:38 Groach wrote:
> On 29/12/2016 09:32, Reindl Harald wrote:
> > Am 29.12.2016 um 10:21 schrieb Reindl Harald:
> >> state of the official sgnatures is that clamav don't catch many
> >> real malware all over the time without sanesecurity 3rd party
> >> signatures
Am 29.12.2016 um 16:15 schrieb Kris Deugau:
Groach wrote:
If I could exclude the Clam default
signatures and just continue to use Sane then I would and then I could
turn back on quarantining to make our systems safe again.
You can; turn off freshclam and delete the stock signature files.
Because the address is bugzilla.clamav.net.
This will be fixed by removing the bugs.clamav.net dns entry. But I don't
want to remove it until the links inside the tarball + any documentation has
been adjusted to say bugzilla.
--
Sent from my iPhone
> On Dec 29, 2016, at 10:05 AM, Benny P
On 29/12/2016 09:32, Reindl Harald wrote:
>
> Am 29.12.2016 um 10:21 schrieb Reindl Harald:
>>
>> state of the official sgnatures is that clamav don't catch many real
>> malware all over the time without sanesecurity 3rd party signatures and
>> the official
>
I'd like to add these 3rd party signat
Am 29.12.2016 um 23:54 schrieb Mark Foley:
On 29/12/2016 09:32, Reindl Harald wrote:
Am 29.12.2016 um 10:21 schrieb Reindl Harald:
state of the official sgnatures is that clamav don't catch many real
malware all over the time without sanesecurity 3rd party signatures and
the official
I'
20 matches
Mail list logo
