Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

I'll defer that decision to Alain, or the person that wrote the detection. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Thursday, February 14, 2013 at 11:13 AM, Matus UHLAR - fantomas wrote: > On 14.02.13 10:57, Joel Esler wrote: > > Mo

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

In any case. This signature was dropped a couple days ago, and beyond that, users can ignore it on their end. -- Joel Esler Senior Research Engineer, VRT Open Source Community Manager On Thursday, February 14, 2013 at 11:28 AM, Daniel McDonald wrote: > On 2/14/13 10:13 AM, "Mat

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

your feedback and again, apologize for any inconvenience it has caused. -- Joel Esler Sent from my iPhone  On Feb 16, 2013, at 6:26 AM, Peter Bonivart wrote: > On Sat, Feb 16, 2013 at 1:29 AM, Tilman Schmidt > wrote: >> Am 14.02.2013 14:17, schrieb Daniel McDonald: >>>

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

We dropped the original signature, and have replaced it with a much more accurate one. -- Joel Esler Sent from my iPhone  On Feb 16, 2013, at 1:48 PM, Jim Preston wrote: > Note: I have combined too messages for clarity > > On 02/14/2013 09:50 AM, Joel Esler wrote: >> In

Re: [clamav-users] ZEUS virus

$ sigtool -fZbot | wc -l 38480 If that adds anything. On Feb 21, 2013, at 1:49 PM, Zvi Kave wrote: > Thank you Chuck (and Alain as well) for the list. > > Zvi > > - Original Message - From: "Chuck Swiger" > To: "ClamAV users ML" > Sent: Thursday, February 21, 2013 8:33 PM > Subject

Re: [clamav-users] Fw: Freshclam: Error creating socket

Thanks for letting us know how you fixed it. Surprising how many people don't do that! -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Thursday, March 7, 2013 at 5:30 PM, Massimo Rossi wrote: > Dott. Massimo Rossi > > Via Meucci 22 – Fra

[clamav-users] ClamAV 0.97.7 has been released!

Dear ClamAV users, "ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for finding and reporting these issues." Download: http://downloads.sourceforge.net/clamav/clamav-0.97.7.tar.gz PGP

Re: [clamav-users] ClamAV 0.97.7 available?

All, This is MY fault. No one else's. I was tied up in another project yesterday and didn't get a chance to send the announce blog post/email post out like I usually do. Sorry about that all, it won't happen again. Thanks. -- Joel Esler Senior Research Engineer, VRT OpenS

Re: [clamav-users] New Version of ClamAV

y release announcement on the mailing list. 97.7's release announcement was my fault. Olney is talking about future future features. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire ___ Help us build a comp

Re: [clamav-users] Strange error with freshclam

ed too many times with an outdated > version) Dear Rick, Thanks for your email. I believe you will find what you are looking for here: http://blog.clamav.net/2013/02/resolving-issues-with-freshclam.html -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire

Re: [clamav-users] Mirror Issues

Thanks Al. Yes, you can work with Ryan Steinmetz on mirror issues. I see where Luca is still listed as the admin on the archive site. Thanks. -- Joel Esler Sent from my iPhone  On Apr 10, 2013, at 5:58 PM, A K Varnell wrote: > In the past I've addressed most of my ClamAV® Databas

[clamav-users] ClamAV 0.97.8 has been released!

Dear ClamAV users, "ClamAV 0.97.8 addresses several reported potential security bugs. Thanks to Felix Groebert of the Google Security Team for finding and reporting these issues." Download: http://downloads.sourceforge.net/clamav/clamav-0.97.8.tar.gz PGP sig: http://downloads.sourceforge.net/

Re: [clamav-users] ClamAV 0.97.8 has been released!

On Apr 23, 2013, at 1:42 PM, Steve Basford wrote: > The PGP sig should be: > > http://sourceforge.net/projects/clamav/files/clamav/0.97.8/clamav-0.97.8.tar.gz.sig/download Sorry about that, I had it right in my post, but when the email went out, it didn't take. Thanks. __

Re: [clamav-users] errors on clamav.net

Jon, Thanks for writing in, I'll get someone to take a look. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Apr 29, 2013, at 9:12 AM, "Bendtsen, Jon" wrote: > Hi > > I was trying to report what I believe is a false positive t

Re: [clamav-users] scanning on demand

he ClamAV lists. That's perfectly fine. That way anyone involved can help out, and you help out others by providing the information to the list. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire __

Re: [clamav-users] Removal

red it would be easier to just put > his e-mail address in the form to unsubscribe and pressed "send me a > confirmation" > > So, all he has to do is properly respond back to the e-mail. Meh. Which he did. He's gone now. -- Joel Esler Senior Research Engineer,

Re: [clamav-users] freshclam can't download daily.cvd

e: https://github.com/vrtadmin/clamav-faq/blob/master/mirrors/MirrorProblems.md I'll remove it from Clamav.net shortly. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire ___ Help us build a comprehensive ClamAV gui

Re: [clamav-users] OSX.Trojan.KitM

On May 24, 2013, at 1:56 AM, A K Varnell wrote: >> ClamAV: OSX.Trojan.KitM > > Any idea what's going on with that? Looks like the original was pulled and there is now OSX.Trojan.KitM-1. I'm pushing it live right now. -- Joel Esler Senior Research Engineer, VRT OpenSo

Re: [clamav-users] Virus pattern grammar license

The code is licensed GPLv2. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Jun 13, 2013, at 5:50 AM, Yoon-Chan Jhi wrote: > Hello, > > I am wondering if anyone can give me an answer on this. What is the > license for ClamAV's virus sig

Re: [clamav-users] Availability of virus pettern for solaris

There are patterns for almost all operating systems in the ClamAV db. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Jun 13, 2013, at 7:56 AM, Toni Habich wrote: > i don't know. and that's the point. so I ask again - are there any virus &

Re: [clamav-users] Availability of virus pettern for solaris

On Jun 18, 2013, at 3:22 PM, Dennis Peterson wrote: > On 6/18/13 8:08 AM, Alain Zidouemba wrote: >> As Joel Esler mentioned before, there are signatures for UNIX malware in >> the official ClamAV DB. >> >> - Alain > > > You would think such a simple quest

Re: [clamav-users] Availability of virus pettern for solaris

On Jun 18, 2013, at 3:53 PM, Dennis Peterson wrote: > Does "almost all operating systems" include Solaris 10? If I would have written back and said "ClamAV's db includes detection for malware on all operating systems" someone would have wrote back and said "all operating systems? srsly? 4rea

Re: [clamav-users] Why can't I send in false positives?

; I try occasionally to submit these files, and they never seem to be > accepted. I also check "Notify me" but the ClamAV team never gets back > to me about this. Anyone know why the form hasn't accepted my > submissions in months? Can you send us the md5's of the file

Re: [clamav-users] Clam 0.97.8 not scanning rar

Win.Trojan.PSW-13 FOUND > > Will be sticking to this version until someone build it with rar support for > 0.97.8. Instead of me having the scour the internet, can someone pass me the email address for the package maintainer here, and I’ll try and coordinate with them to fix this

Re: [clamav-users] Clam 0.97.8 not scanning rar

l freshclam instaed > > > -- > senders that put my email into body content will deliver it to my own > trashcan, so if you like to get reply, dont do it > __**_ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net >

Re: [clamav-users] Clam 0.97.8 not scanning rar

Okay, I don't think this discussion will get us anywhere. Let's close it down. :) Sent from my iPhone > On Jul 10, 2013, at 12:02 AM, Nicholas Chua wrote: > > >> >> http://www.rarlab.com/rar/unrarsrc-5.0.7.tar.gz >> >> ignorants > > Calling yourself? > > _

Re: [clamav-users] Details with full explanation of Virus infection

On Jul 20, 2013, at 4:23 AM, Al Varnell wrote: > On Jul 20, 2013, at 1:09 AM, Kaushal Shriyan wrote: > >> If any virus is infected on the linux desktop or server, can ClamAV spew >> out details with full explanation of Virus infection and the remedy > > No. You will be notified of the path to t

Re: [clamav-users] news: Cisco Announces Agreement to Acquire Sourcefire

http://blog.clamav.net/2013/07/a-continued-commitment-to-open-source.html Hopefully this will help out :) -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Jul 24, 2013, at 8:55 AM, Greg Folkert wrote: > I seriously hope they don't screw up this. L

Re: [clamav-users] Can't submit statistics.

f infrastructure problem and as it wasn't > affecting getting new signature files I didn't worry too much. > > -- > > Brian Morrison > _______ > Help us build a comprehensive ClamAV guide: visit http://wiki

Re: [clamav-users] Can't submit statistics.

Hey all, this should be fixed. Please try. Thanks. -- Joel Esler Sent from my iPad On Jul 24, 2013, at 3:03 PM, Joel Esler wrote: > I forwarded this thread onto the appropriate parties here. > > Thanks. > > > On Wed, Jul 24, 2013 at 1:52 PM, Brian Morrison wrote:

Re: [clamav-users] R: engine outdated error

definition): > > http://www.gnu.org/philosophy/free-sw.html > > The problem with libunrar isn't the cost, but the license. > > ___ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.cl

Re: [clamav-users] clamd socket permissions

dults here. Do what's best. -- Joel Esler > On Jul 31, 2013, at 8:44 PM, Al Varnell wrote: > >> On Jul 31, 2013, at 7:31 PM, Bob Miller wrote: >> >> Hello, >> >>>> I realize seeing this that the list rules are not to top post, yet my

Re: [clamav-users] clamd taking too long to restart?

ClamAV > that are being discussed, as the last changelog update was May (before the > takeover)? Steve, Just to clarify, at this time we’ve just announced Cisco acquiring Sourcefire. It takes time for the deal to be approved and go through. I’ll let Matt speak to the specifics of

Re: [clamav-users] False positive reporting

You should receive an email when the FP is dealt with from our system. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Aug 23, 2013, at 9:32 AM, Hugo Deprez wrote: > Hello, > > thank you for the information. > > In my own opinion, the i

[clamav-users] Reminder: New Main.cvd is scheduled to be pushed tomorrow, September 17

f you have any questions: http://blog.clamav.net/2013/09/maincvd-scheduled-for-tuesday-september.html -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire signature.asc Description: Message signed with OpenPGP using GP

[clamav-users] Main.cvd has been pushed

You may notice that the new Main.cvd has been pushed. You will notice a significant difference in load on the servers and traffic while everyone is updating to the new version. Thank you for your patience. -- Joel Esler Open Source Community Manager Senior Research Engineer, VRT SOURCEfire

[clamav-users] ClamAV®: ClamAV 0.98 has been released!

http://blog.clamav.net/2013/09/clamav-098-has-been-released.html ClamAV 0.98 has been released! ClamAV 0.98 includes many new features, across many different components of ClamAV. There are new scanning options, extensions to the libclamav API, support for additional filetypes, and internal upgra

Re: [clamav-users] ClamAV®: ClamAV 0.98 has been released!

Fixing now Al. Thanks. Sent from my iPhone > On Sep 19, 2013, at 3:32 PM, Al Varnell wrote: > >> On Sep 19, 2013, at 12:04 PM, Joel Esler wrote: >> http://blog.clamav.net/2013/09/clamav-098-has-been-released.html >> >> ClamAV 0.98 has been released! > >

Re: [clamav-users] ClamAV®: ClamAV 0.98 has been released!

It should be fixed now. Thanks Christoph. On Sep 19, 2013, at 4:07 PM, Christoph Moench-Tegeder wrote: > ## Al Varnell (alvarn...@mac.com): > >>> ClamAV 0.98 has been released! >> >> As usual, it was not linked to the main ClamAV® web page yet, but I was able >> to track it down here: >>

Re: [clamav-users] ClamAV®: ClamAV 0.98 has been released!

which page? I’m seeing .98 On Sep 19, 2013, at 3:21 PM, Dennis Peterson wrote: > On 9/19/13 12:04 PM, Joel Esler wrote: >> http://blog.clamav.net/2013/09/clamav-098-has-been-released.html >> >> ClamAV 0.98 has been released! >> > > The link on the clamav

Re: [clamav-users] False positive

Siméon, Thanks for writing in, those are the right links, the guys may have not gotten the chance to take a look at that particular FP yet. I’ll ask someone to take a look. Thanks. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Sep 20, 2013, at 9:48

Re: [clamav-users] VirusTotal & Malware Submissions

It’s beneficial for you to both. It indicates to us that you care enough to send us a sample individually and we can work with that, it always helps when the community provides us with samples! -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Sep 21, 2013

Re: [clamav-users] VirusTotal & Malware Submissions

On Sep 24, 2013, at 2:42 PM, Daniel Quintiliani wrote: > > OK, good to know I'm not annoying you or being ignored by you. I know a > lot of those spam messages are similar. A lot of times my e-mail > provider removes the attachment from the message after a few days. No, I’ve just had a ton of em

Re: [clamav-users] 0.98 and PUA

On Sep 30, 2013, at 6:03 AM, Martin Hepworth wrote: > Thanks > was looking at the PUA page on the main www site and it's still got the > 2007 advice of "here be monsters tread carefully" ;-) Looking for this page, and I can’t find it? Where do you see this? -- Jo

Re: [clamav-users] 0.98 and PUA

aps > there are > changes still to come. Thanks Paul, I’ll see if we can’t get a blog post up describing our naming conventions, etc. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

Re: [clamav-users] 0.98 and PUA

them and we’ll take a look and approve! -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Sep 30, 2013, at 10:26 AM, Martin Hepworth wrote: > Joel > > this one when you search on the g-search for clamav pua.. > > http://www.clamav.net/lan

Re: [clamav-users] ClamAV on small memory computers

umably more powerful) machines? I agree with your statement in principle (in that you say “vast majority”) but we do publish protection in ClamAV for all platforms. Not just Windows. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire __

Re: [clamav-users] Max Open File Descriptors issue found this morning

r side and are currently building a new daily -- Joel Esler Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com. ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailma

Re: [clamav-users] False Positive not being corrected

being marked as a virus. In testing it against other scanners Clam is the only one picking it up as a virus. They will need the MD5 hash value of the file in order to easily find it in their database. Yup. We’ll need the MD5! Thanks Al. -- Joel Esler AEGIS Intelligence Lead OpenSource M

Re: [clamav-users] lost

What is this “daily interruption of Console” that you are referring to? Can you give us a screenshot or something so we can reference? Also, ClamXav is probably one of the best GUI clients for ClamAV that I’ve seen so far. -- Joel Esler Intelligence Lead Open Source Manager Vulnerability

Re: [clamav-users] some questions about malware statistics

> On Dec 23, 2013, at 10:58, "黄海涛" wrote: > > 1.http://www.clamav.net/rss/clamsigs-top10.rss, what's statistical duration? > one month? Not sure. This was left over from the old ClamAV team and we haven't redone it yet. Yes, we have plans to. > 2.can I get all rankings but not top 10. >

Re: [clamav-users] 0.98-exp / LibClamAV Warning

> On Dec 23, 2013, at 11:23, "gin(e)" wrote: > > But why "file" programm doesn't say that? I have pasted the output for > that reason. File only looks at certain parts of a file to determine the type of file. For flash it only has to look at the first three characters of the file. _

Re: [clamav-users] Debian packaging

> On Dec 17, 2013, at 5:28, "Simon Hobson" wrote: > > Well since no-one's come back with something like "the package maintainer's > gone AWOL" or similar, I'll keep bumping that bug ticket. Does seem strange, > I don't recall such a long delay in the past. > Updating from source isn't really a

Re: [clamav-users] ClamAV v0.98.1

Thanks Steve. I was having an email issue yesterday and my announcement email was stuck in the queue. -- Joel Esler Intelligence Lead Open Source Manager Vulnerability Research Team On Jan 15, 2014, at 8:07 AM, Steve Basford mailto:steveb_cla...@sanesecurity.com>> wrote: Looks like 0.9

Re: [clamav-users] Virus update notices from month's ago.

Rick, That was me. There were a bunch stuck in the queue, and I cleared it out. Sorry about that. On Jan 15, 2014, at 1:31 PM, Rick Macdougall wrote: > Hi, > > I'm getting all sorts of virus update notifications that are months old and > huge in size. > > Headers for one at http://pasteb

[clamav-users] Vote for ClamAV as the Sourceforge Project of the Month!

-the-month-voting/ And you can cast your vote here: https://sourceforge.net/p/potm/discussion/vote/thread/7d522915/ Thanks to everyone who supports the ClamAV project, get out and vote! (Note: You must be a member of Sourceforge, and must be logged in, to vote.) -- Joel Esler Intelligence

Re: [clamav-users] request for feature

Because these are two separate systems. In two different parts of the network. We haven't consolidated everything that we took over when the original clam team left yet. -- Joel Esler Sent from my iPhone > On Jan 31, 2014, at 14:59, "Gene Heskett" wrote: > > On F

Re: [clamav-users] request for feature

On Feb 2, 2014, at 9:39 AM, Gene Heskett mailto:ghesk...@wdtv.com>> wrote: On Sunday 02 February 2014 09:37:59 Joel Esler (jesler) did opine: Because these are two separate systems. In two different parts of the network. We haven't consolidated everything that we took over when t

[clamav-users] ClamAV®: ClamAV Mailing List Maintenance, Monday, February 10th, 2014

starting at 10am EST, the ClamAV Mailing lists will be moving to new server hardware. We anticipate this outage to last approximately four (4) hours. We will be notifying everyone when the new server is up and operational. Thank you for your patience. Joel Esler Threat Intelligence Team Lead

Re: [clamav-users] [Clamav-announce] ClamAV®: ClamAV Mailing List Maintenance, Monday, February 10th, 2014

On Feb 6, 2014, at 8:19 PM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 2/6/14, 3:12:09PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/02/clamav-mailing-list-maintenance-monday.html ClamAV Mailing List Maintenance, Monday, February 10th, 2014 This notice is f

[clamav-users] Introducing OpenSSL as a dependency to ClamAV

On Friday last week I put a blog post up about introducing OpenSSL into the ClamAV ecosystem. I wanted to make sure everyone saw it, so please have a look at the blog post here: http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html -- Joel Esler | Threat Intelligence Team

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

to be using OpenSSL in future features we have planned for ClamAV, so this is the best option. -- Joel Esler | Threat Intelligence Team Lead | Open Source Manager | Vulnerability Research Team ___ Help us build a comprehensive ClamAV guide: h

Re: [clamav-users] as unsubscribe from list ?

http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Bottom of the page. -- Joel Esler | Threat Intelligence Team Lead | Open Source Manager | Vulnerability Research Team On Mar 3, 2014, at 9:06 AM, Erwin Castillo wrote: thanks ___ Help us

[clamav-users] Snort.org Blog: Open Source Community Webinar

Register Now<https://cisco.webex.com/ciscosales/k2/j.php?MTID=tc6ff6d5fd9a1eab5e6e5966b96c914ca> for the webinar. We look forward to seeing you and hearing from you then! -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Researc

[clamav-users] ClamAV®: ClamAV 0.95 Engine End of Life Announcement

http://blog.clamav.net/2014/03/clamav-095-engine-end-of-life.html ClamAV 0.95 Engine End of Life Announcement ClamAV Community, This notice is to inform you that effective immediately ClamAV 0.95 (and all minor versions) is no longer supported in accordance with ClamAV's EOL policy which can b

Re: [clamav-users] Mass sample submission

Bohdan, I'd be glad to set you up with a submission method. I'll email you separately offlist. -- Joel Esler Sent from my iPhone > On Apr 5, 2014, at 5:53, "Bohdan Turkynewych" wrote: > > Hi everyone, > > I have up to several thousand already detected

Re: [clamav-users] git repository

ack to you all on this. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

[clamav-users] ClamAV®: ClamXAv in the top ten free Apps in the Mac OSX App Store!

http://blog.clamav.net/2014/04/clamxav-in-top-ten-free-apps-in-mac-osx.html ClamXAv in the top ten free Apps in the Mac OSX App Store! Congratulations to Mark Allan, developer of the ClamXav project (the OSX GUI front-end to ClamAV) for making the top ten list in the fr

[clamav-users] ClamAV®: ClamAV 0.98.2 has been released!

http://blog.clamav.net/2014/05/clamav-0982-has-been-released.html ClamAV 0.98.2 has been released! ClamAV 0.98.2 has been released, and is available here: http://sourceforge.net/projects/clamav/files/clamav/0.98.2/, below are the highlighted changes and fixes from this release! 0.98.2 --

[clamav-users] ClamAV 0.98.2

ClamAV Community, As some of you may have noticed, ClamAV 0.98.2 has been pulled down from the site temporarily due to unforeseen issues. More news will be forthcoming and it should be fixed soon. Thanks for your patience in the meantime. -- Joel Esler Open Source Manager Threat Intelligence

[clamav-users] ClamAV®: ClamAV 0.98.3 has been released!

http://blog.clamav.net/2014/05/clamav-0983-has-been-released.html ClamAV 0.98.3 has been released, and is available here: http://sourceforge.net/projects/clamav/files/clamav/0.98.3/, below are the highlighted changes and fixes from this release! 0.98.3 -- Here are the new features and im

Re: [clamav-users] Clamav is not finding any viruses

We exchange samples with many groups, companies, and people. Bringing in over 650,000 unique samples a day. Which highlights the "understaffed" issue. -- Joel Esler Sent from my iPhone > On May 9, 2014, at 4:59, "Al Varnell" wrote: > > Thorvald, > >

Re: [clamav-users] Version 0.98.3 fails on Solaris

ything. It depends on each individuals definition of “proper Solaris Sparc” environment is I guess. The vast majority of our user base is not Solaris, so we focus the primary chunk of our efforts on other platforms. Let Shawn do his testing. -- Joel Esler Open Source Manager Threat Intelligenc

Re: [clamav-users] Version 0.98.3 fails on Solaris

Understood. I’ll talk to the guys to see if we have a home for them in the lab. We’re currently planning on the expansion of our lab, so it’s a possibility. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team _

Re: [clamav-users] Support question.

hat you upgrade to the most current version. “ -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

Re: [clamav-users] clamav-0.98.3 make error Mac OSX 10.5.8

On May 12, 2014, at 3:08 PM, Gary mailto:o...@ibsltd.ca>> wrote: I have been using ClamAV for years and never had any issues!! Oh well... - a good run indeed. Mac OSX 10.5.8 You realize that Apple’s support for that OS ended, probably 4 years ago? -- Joel Esler Open Source Manager

[clamav-users] ClamAV®: ClamAV 0.98.4rc1 is now available!

http://blog.clamav.net/2014/05/clamav-0984rc1-is-now-available.html ClamAV 0.98.4rc1 is now available for download. Shown below are the notes concerning this release: 0.98.4rc1 -- ClamAV 0.98.4 is a bug fix release. The following issues are now resolved: - Various build problems on Solar

Re: [clamav-users] Version 0.98.3 fails on Solaris

Otherwise, whatever. This is not something to argue about I guess. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www

Re: [clamav-users] ClamAv updates not being published properly?

Thanks all. We'll take a look! -- Joel Esler Sent from my iPhone > On May 28, 2014, at 6:34, "Jim Popovitch" wrote: > > On Wed, May 28, 2014 at 4:39 AM, Randal, Phil > wrote: >> Oops, left off the latest version of patterns - 19041, allegedly, yet we'

Re: [clamav-users] Bitcoin : Chainstate : Virii

Thanks Ellan. What is your question here? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team On Jun 10, 2014, at 10:49 AM, ellanios82 mailto:ellanio...@gmail.com>> wrote: Hello List i notice link : https://bitcointalk.org/index.php?topic=57

Re: [clamav-users] Bitcoin : Chainstate : Virii [SEC=UNOFFICIAL]

From: clamav-users-boun...@lists.clamav.net > [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler > (jesler) > Sent: Wednesday, 11 June 2014 8:52 AM > To: ClamAV users ML > Subject: Re: [clamav-users] Bitcoin : Chainstate : Virii > > Thanks Ellan. &g

[clamav-users] ClamAV®: ClamAV 0.98.4 has been released!

, and provide us any feedback on our mailing lists<http://www.clamav.net/lang/en/ml/>. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team ___ Help us build a comprehensive ClamAV guide: https://github.com/vr

Re: [clamav-users] FN with unknown virus attachment

Thanks Alex, We'll have a look. -- Joel Esler Sent from my iPhone > On Jun 21, 2014, at 9:00, "Alex" wrote: > > Hi, > I'm using clamav-0.98.4 on fedora20 with the sanesecurity and safebrowsing > sigs and still seeing an unknown virus pass through our

Re: [clamav-users] Bad detection rate

Always, as a reminder, we have the ClamAV Community sigs list, which anyone in the world can submit signatures to us, which we’ll put through the system and they’ll go out in the official list. http://blog.clamav.net/2014/02/introducing-clamav-community-signatures.html -- Joel Esler Open

Re: [clamav-users] Bad detection rate

by a Sanesecurity unofficial signature. Correct. Steve, If SaneSecurity wants to push the sig into the official set, you can get in touch with us at any time, which we’ll give you and your team full credit for. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerabil

Re: [clamav-users] Bad detection rate

> On Jun 25, 2014, at 1:40, "Dennis Peterson" wrote: > >> On 6/24/14, 9:16 PM, Al Varnell wrote: >> That’s certainly a valid question and deserves a ClamAV® answer, but I’ll >> throw this comment out. >> >> The signature team has always been overwhelmed by the number of new samples >> it rece

Re: [clamav-users] Bad detection rate

On Jun 25, 2014, at 2:34, "Al Varnell" wrote: >> Tue, Jun 24, 2014 at 10:40 PM, Dennis Peterson wrote: >> >> It wouldn't hurt to have a youtube video that shows admins how to generate >> simple day 0 check sum sigs that they can deploy locally while waiting for a >> Cisco/SourceFire signature

Re: [clamav-users] Bad detection rate

> On Jun 25, 2014, at 0:17, "Al Varnell" wrote: > > The signature team has always been overwhelmed by the number of new samples > it receives every day and even though the team is bigger today, so is the > input. Right. We have several people working on malware full time. But we receive well

Re: [clamav-users] Malformed database?

> On Jun 25, 2014, at 5:22, "Steve Basford" > wrote: > > >> On Wed, June 25, 2014 9:57 am, Paul Smith wrote: >> Using ClamAV 0.97.2, since yesterday's update Freshclam gives this when >> trying to download a fresh database: > > Hi Paul, > > Much newer binaries here (0.98.4), does it work ok

Re: [clamav-users] Malformed database?

On Jun 25, 2014, at 7:15 AM, Paul Smith mailto:p...@pscs.co.uk>> wrote: Oh? The FAQ says that the latest two major versions (0.97 and 0.98 ?) are tested against the DB, so it should work as far as I can see. You’re right. I’m sorry. My brain must have transposed “0.97.2” to “0.92.7” ___

Re: [clamav-users] Bad detection rate

fcac0e7) Are you sure you submitted these files? We don’t have them. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team signature.asc Description: Message signed with OpenPGP using GPGMail ___ Help us build

Re: [clamav-users] Reporting false positives fails

Thank you for brining it to our attention Michael, I’ll take a look. On Jun 27, 2014, at 1:49 PM, Michael Graham wrote: > I think google is linking to an old version of the page. > > I googled "clamav report" and clicked the top link: > http://cgi.clamav.net/sendvirus.cgi > > But if I got to t

Re: [clamav-users] Win.Trojan.Zwangi-432 / Osx.Exploit.CVE_2006_0848 / PHP.Shell-29

> On Jul 8, 2014, at 5:11, "DUCARROZ Birgit" wrote: > > Platform: You mean the platform where clamav is installed, not the platform > the virus is for, just? Yes. The platform where ClamAV is. > What do you mean I must attach with "raw message"? The output of the > virus-scan? Or the file

[clamav-users] ClamAV®: ClamAV 0.98.5 beta has been posted!

ClamAV 0.98.5 beta has been posted! The ClamAV team is proud to announce the availability of ClamAV 0.98.5 beta ready for testing! http://blog.clamav.net/2014/07/clamav-0985-beta-has-been-posted.html -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team

[clamav-users] ClamAV®: Compiling OpenSSL For Windows

ctory. This article will teach you how to compile OpenSSL on a Microsoft Windows system and how to link ClamAV against OpenSSL. Read More here: http://blog.clamav.net/2014/07/compiling-openssl-for-windows.html <http://blog.clamav.net/2014/07/compiling-openssl-for-windows.html> -- Joel

[clamav-users] ClamAV®: ClamAV 0.96 Engine End of Life Announcement

> http://blog.clamav.net/2014/07/clamav-096-engine-end-of-life.html > > ClamAV 0.96 Engine End of Life Announcement > > ClamAV Community, > > This notice is to inform you that effective immediately ClamAV 0.96 (and all > minor versions) is no longer supported in accordance with ClamAV's EOL po

Re: [clamav-users] false positive sample

hould I submit it again? Providing the MD5 of the submitted file will allow the team to locate it quickly. md5sum: 04f34a0597ab21ce25f4fc6bc84cc5d4 I see this on the server side and the hash is assigned to an analyst to take a look. -- Joel Esler Open Source Manager Threat Intelligenc

Re: [clamav-users] false positive sample

e’re having a server problem that I haven’t seen yet and we need to get that fixed. If people would like to contribute their own signatures to the ruleset, we’d be happy to take a look at that as well: http://blog.clamav.net/2014/02/introducing-clamav-community-signatures

Re: [clamav-users] false positive sample

my blood pressure up, over what is really, just a form of communication. I don’t need that undue stress in my life. What I am going to do? Start banning people for top posting? Nope. That used to be a “requirement” on the list, and no one followed it anyway, so I removed it. -- Joel Esler

[clamav-users] ClamAV®: The new ClamAV.net is here!

http://blog.clamav.net/2014/08/the-new-clamavnet-is-here.html For the past several months we've been working diligently on a complete refresh of several Open Source websites, designs and logos. The first website we rolled out a refresh of was Snort.org back in June. At the s

<    1   2   3   4   5   6   7   8   9   10   >