Re: [clamav-users] False positive for sure

2014-09-03 Thread Joel Esler (jesler)
That's a PUA alert. That's not on by default. -- Joel Esler Sent from my iPhone > On Sep 3, 2014, at 6:40, "Gene Heskett" wrote: > > Greetings; > > This report from last night's clamscan is absolutely a false positive: > /home/gene/Downloads

Re: [clamav-users] ClamAV®: The new ClamAV.net is here!

2014-09-03 Thread Joel Esler (jesler)
clamav-0.98.4-win32.msi which > isn't very useful for an of my unix flavors. > > On 8/31/2014 6:35 AM, Alessandro Vesely wrote: >> On Tue 26/Aug/2014 20:56:27 +0200 Joel Esler (jesler) wrote: >>> >>> http://blog.clamav.net/2014/08/the-new-clamavnet-is-here.

Re: [clamav-users] Where can I download the daily.cvd and main.cvd files

2014-09-09 Thread Joel Esler (jesler)
ucture, and you can distribute it from your machine. We don’t want people downloading them directly from our local mirror. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos ___ Help us build a comprehensive ClamAV guide: https://gith

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
mirrors.html perhaps also not available anymore. The mirrors page and the stats page we’re working on (phase 2) for the site. We have a different way we’re going to be displaying the stats and mirrors, and it isn’t ready yet. Sorry for the inconvenience for anyone affected. -- Joel Esler Open So

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
ne “systematically trying to destroy clamav”, and take issue with that statement. What can I do better to communicate to you? My statistics on usage and downloads don’t illustrate what you are complaining about, so what can I do to make it better for you? -- Joel Esler Open Source Manager Threat

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
> On Sep 11, 2014, at 4:36 PM, Bowie Bailey wrote: > > On 9/11/2014 4:25 PM, Joel Esler (jesler) wrote: >> On Sep 11, 2014, at 7:15 AM, Gene Heskett >> mailto:ghesk...@wdtv.com>> wrote: >> >> On Thursday 11 September 2014 05:10:52 Tommy Berglund did opin

Re: [clamav-users] Warning in ClamAV update process

2014-09-13 Thread Joel Esler (jesler)
he end of the tunnel will make it all worth it. It’s costing us millions of dollars, but we’re going to do it, and we’re going to do it right. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Sep 11, 2014, at 5:39 PM, Gene Heskett mailto:ghesk...@wdtv.com>>

Re: [clamav-users] daily.cvd file.

2014-09-15 Thread Joel Esler (jesler)
Georges, You should be using the freshclam tool provided with ClamAV to download updates from our mirror infrastructure. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Sep 15, 2014, at 2:03 PM, Volcy, Georges mailto:georges.vo...@pseg.com>> wrote: I've

Re: [clamav-users] daily.cvd file.

2014-09-15 Thread Joel Esler (jesler)
Correct. We plan on removing these after teaching people how to set up their own private mirror. > On Sep 15, 2014, at 2:07 PM, Ed Christiansen MS wrote: > > They hide them really really well - like they don't want you to know they are > there. > > http://www.clamav.net/index.html -> Downlo

Re: [clamav-users] daily.cvd file.

2014-09-17 Thread Joel Esler (jesler)
The CVD is updated roughly every four hours. Chances are, you are getting a new one ;) -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Sep 16, 2014, at 3:10 PM, Volcy, Georges mailto:georges.vo...@pseg.com>> wrote: Thank you so much for your help! Ver

Re: [clamav-users] Daily.cvd file

2014-09-18 Thread Joel Esler (jesler)
s a substantial impact on the mirror infrastructure, we have to let the mirrors know before we do it. As you can imagine, the 7M+ users of ClamAV all downloading a main.cvd from a mirror is quite heavy on bandwidth if you aren’t expecting it. -- Joel Esler Open Source Manager Threat Intell

Re: [clamav-users] daily.cvd vs main.cvd

2014-09-19 Thread Joel Esler (jesler)
02:53 PM, Paul Kosinski wrote: >> >> On Thu, 18 Sep 2014 12:00:00 -0400 >> Joel Esler wrote: >> >>> You are not remembering correctly. That may have been true a decade >>> ago, but for the last half dozen years or so the main stayed the >>> sam

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-03 Thread Joel Esler (jesler)
t what you submitted. We love the feedback from our users, and always look forward to a constructive dialog. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
he permission from Eugene Roshal to > release unrarlib 0.4.0 under GPL and unrarlib-license. Note: this doesn't > mean that RAR is free now or you can use the unrar source from RARlabs under > GPL. You are just allowed to use UniquE RAR File Library version 0.4.0 > (unrarlib 0.4

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
o a > threat. Our responsibility to our users (for those of us who have them) is to > take advantage of that tool set. Well said Dennis. The other part of the equation is that we are always open to accepting the signatures and protection generated by our users for the greater good via o

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
; > I'm off to sign up with one of the well established software vendors. We’re sorry to see you go. We try to offer a good service, for free, to the community in order to make the internet, just a little bit safer. We’ll understand if you’d like a refund. ;) -- Joel Esler Open S

[clamav-users] ClamAV® blog: ClamAV 0.95.5rc1 is now available for download!

2014-10-14 Thread Joel Esler (jesler)
> http://blog.clamav.net/2014/10/clamav-0955rc1-is-now-available-for.html > > > ClamAV 0.95.5rc1 is now available for download! > > ClamAV 0.95.5rc1 is now available for download. Shown below are the notes > for this re

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5rc1 is now available for download!

2014-10-14 Thread Joel Esler (jesler)
An error on my part.. This should read 0.98.5-rc1, not 95.5-rc1. Corrected: > ClamAV 0.98.5-rc1 is now available for download! ClamAV 0.98.5-rc1 is now available for download. Shown below are the notes for this release: ClamAV 0.98.5 also includes these new features: - Support for the XD

[clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

2014-11-18 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html ClamAV 0.98.5 has been released! Welcome to ClamAV 0.98.5! ClamAV 0.98.5 includes important new features for collecting and analyzing file properties. Software developers and analysts may collect file property meta data using the

Re: [clamav-users] How can I get commercial support of clamav for Windows Servers?

2014-11-18 Thread Joel Esler (jesler)
We do not provide commercial support for ClamAV. Our commercial product which incorporates ClamAV, produced by Cisco, is called fireAMP. Support is provided via our mailing list, and generally has an excellent response time. -- Joel Esler Sent from my iPhone On Nov 18, 2014, at 8:27 PM

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

2014-11-19 Thread Joel Esler (jesler)
Dennis, Haha. Yes at some point. We have a roadmap for a 1.0 release. -- Joel Esler Sent from my iPhone On Nov 19, 2014, at 2:44 AM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 11/18/14 2:11 PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/11/clamav-0985-ha

[clamav-users] Bytecode Blog Posts

2014-11-19 Thread Joel Esler (jesler)
. If you have any interest on future blog posts you’d like us to produce, please feel free to email me. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos

Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Joel Esler (jesler)
Al is correct here. -- Joel Esler Sent from my iPhone On Nov 22, 2014, at 9:54 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote: Most of the virus definitions in the cvd files don't seem to have dates associated with them (at

Re: [clamav-users] cannot find clamav-devel-latest.tar.gz anymore...

2014-11-26 Thread Joel Esler (jesler)
Well I imagine this probably happened when we switched from the old website to the new website. I wasn’t aware that we were producing daily builds. I’ll talk it over with the team and see if this is something we want to include on the new site. -- Joel Esler Open Source Manager Threat

Re: [clamav-users] cannot find clamav-devel-latest.tar.gz anymore...

2014-11-26 Thread Joel Esler (jesler)
berg Email: heino.backh...@fink-computer.de Web: www.fink-computer.de Fax: +49-641-98444638 Fon: +49-641-98444640 UST-ID: DE151040770 HRB: 2143 Gießen GF: Fredi Fink "I was gratified to be able to answer promptly, and I did. I said I didn't know." -Mark Twain Am 26.11.2014

Re: [clamav-users] I will be out of the office starting 12-19-2014 through 12-29-2014.

2014-12-22 Thread Joel Esler (jesler)
I’ve disabled your email to clamav-users until you get back from vacation to keep you from sending email to the list subscribers. Joel > On Dec 22, 2014, at 10:57 AM, Christopher Checca > wrote: > > I will be out of the office starting 12-19-2014 through 12-29-2014. > > I will respond to y

Re: [clamav-users] detection of really old viruses?

2014-12-31 Thread Joel Esler (jesler)
Naresh, Please do not reply to every thread on the ClamAV list asking for help. Have you looked at the documentation page on ClamAV.net <http://clamav.net/>? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Dec 31, 2014, at 12:36 AM, naresh h

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-01 Thread Joel Esler (jesler)
I think the answer you are going to get from the ClamAV list is ClamAV. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Jan 1, 2015, at 2:22 AM, Franklin Wang wrote: > > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > I've

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-05 Thread Joel Esler (jesler)
t on there. We prefer to spend our money in different areas. Not saying we’d be number one, either. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-05 Thread Joel Esler (jesler)
ng to remember is that shadowserver’s feed is not 100% malicious. So keep that in mind. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Joel Esler (jesler)
I’ll let someone from the team chime in here, but it’s always better to come to the mailing lists than to go to Github. We’ll see it either way, but more people are here. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Jan 21, 2015, at 4:26 PM, E R wrote: >

Re: [clamav-users] clamav-virusdb on lurker

2015-01-25 Thread Joel Esler (jesler)
Al, Not sure what the issue is here. The archives are all here though: http://lists.clamav.net/pipermail/clamav-virusdb/2015-January/thread.html There is nothing stuck in the queues, so all the emails have pushed. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Jan

Re: [clamav-users] clamav-virusdb on lurker

2015-01-26 Thread Joel Esler (jesler)
OH, I see what you are saying. Sorry about that. Let me look into this. > On Jan 26, 2015, at 6:41 AM, Walter Bürger wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Remarkable, > > I can see my last mail to the list on > https://www.mail-archive.com/clamav-users@lists.clamav.

Re: [clamav-users] clamav-virusdb on lurker

2015-01-26 Thread Joel Esler (jesler)
list archives and eliminate the separate need for “lurker”. It’s a rough sketch at this point, and it’ll take some time to find all the links that track back to lurker, so if you manage to find one, please let me know and we’ll get it taken care of. -- Joel Esler Open Source Manager Threat

Re: [clamav-users] About new samples at clamav website.

2015-01-26 Thread Joel Esler (jesler)
Can you give me a 256 of a couple samples? > On Jan 26, 2015, at 1:08 PM, Wagner De Queiroz > wrote: > > Dear users. I receive new viruses (Brazilian malware trojans) all day, and > I submit to clamav, but my submissions never appear at virus list. I like > to suggest at clamav page to submit

[clamav-users] ClamAV® blog: ClamAV 0.98.6 has been released!

2015-01-27 Thread Joel Esler (jesler)
lamAV 0.98.6: Sebastian Andrzej Siewior Felix Groebert Kevin Szkudlapski Mark Pizzolato Daniel J. Luke Please download the latest release of ClamAV from 0.98.6 from our download page<http://www.clamav.net/download.html>. -- Joel Esler Open Source Manager Threat Intelligence Team

Re: [clamav-users] I have some queries about ClamAV

2015-01-27 Thread Joel Esler (jesler)
I believe I emailed this privately to you. ClamAV can have the ability to quarantine an infected file if it finds one. We don’t know what you mean by the word “cure”. Can you elaborate what you mean there for the group? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos

Re: [clamav-users] About new samples at clamav website.

2015-01-28 Thread Joel Esler (jesler)
kind, after 20 submissions, I'll send you a brand new (just had them made) ClamAV Tshirt. How does that sound? -- Joel Esler Sent from my iPhone On Jan 28, 2015, at 6:23 AM, Walter Bürger mailto:walter.buer...@arscons.de>> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all

Re: [clamav-users] Offline updates

2015-01-28 Thread Joel Esler (jesler)
The VirusDB files are listed on that page. However, it is highly recommended that you use freshclam to update. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Dec 3, 2014, at 1:57 AM, Pascal wrote: > > Hi, > > I found this on http://www.clamav.n

Re: [clamav-users] ExtraDatabase question

2015-01-29 Thread Joel Esler (jesler)
The feature still exists. However, I don’t believe we distribute any “ExtraDatabase”s on the mirrors. > On Jan 29, 2015, at 7:05 AM, Dennis Peterson wrote: > > Is this a deprecated feature we can/should ignore? > > dp > ___ > Help us build a comp

Re: [clamav-users] certificates

2015-02-09 Thread Joel Esler (jesler)
I'll get this fixed up. Thanks all. -- Joel Esler Sent from my iPhone On Feb 9, 2015, at 6:12 AM, Steve Basford mailto:steveb_cla...@sanesecurity.com>> wrote: On Mon, February 9, 2015 11:03 am, Al Varnell wrote: Yes, I'm seeing the same thing with Safari for OS X. I also g

Re: [clamav-users] Mirrors 65.19.179.67

2015-02-12 Thread Joel Esler (jesler)
> On Feb 12, 2015, at 4:51 AM, Al Varnell wrote: > > I believe this has come up a few times before, but it has never been resolved. > > The mirror status page vanished when the new web site rolled out. It wasn’t > always accurate, but at least there were some clues there. Is there any > cha

Re: [clamav-users] Mirrors 65.19.179.67

2015-02-12 Thread Joel Esler (jesler)
This mirror has been removed. > On Feb 12, 2015, at 6:46 AM, Joel Esler (jesler) wrote: > > >> On Feb 12, 2015, at 4:51 AM, Al Varnell wrote: >> >> I believe this has come up a few times before, but it has never been >> resolved. >> >> The mirr

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
I just did the same operation and pulled this morning's. Can you try again? > On Feb 26, 2015, at 10:50 AM, Smith, David wrote: > > Just did a wget http://database.clamav.net/daily.cvd and am getting a > daily.cvd dated Aug 28 is there something going on with the servers??? > > [root@SOMES

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
.@fsu.edu (850)644-2591 > Information Technology Services Florida State University > > > -Original Message- > From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf > Of Joel Esler (jesler) > Sent: Thursday, February 2

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
Who says we don’t? :) But you may be seeing different results than what we see. It’s the internet. > On Feb 26, 2015, at 12:41 PM, G.W. Haywood wrote: > > Hi there, > > On Thu, 26 Feb 2015, Joel Esler wrote: > >> Which mirror(s) do you suspect to be out of sync?

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
Believe the problem has been rectified. Thank you for pointing it out. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Security Intelligence and Research Group On Feb 26, 2015, at 12:23 PM, Smith, David mailto:drsm...@fsu.edu>> wrote: Looks to be database.clamav.ne

Re: [clamav-users] Unsubscribing From Update List?

2015-03-08 Thread Joel Esler (jesler)
I assume by "update list" he means the virusdb list. Which Doug linked to. -- Joel Esler Sent from my iPhone On Mar 8, 2015, at 10:35 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: That's the database list. The user list is: <http://lists.clamav.net/cgi-bin/mailm

Re: [clamav-users] daily.cvd out of date?

2015-03-16 Thread Joel Esler (jesler)
David, I forwarded this on to the ops team for a look. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group On Mar 16, 2015, at 8:51 AM, Smith, David mailto:drsm...@fsu.edu>> wrote: Jason, Can you PLEASE pull mirror 150.214.142.197 out of your lists??? Note the

Re: [clamav-users] daily.cvd out of date?

2015-03-20 Thread Joel Esler (jesler)
Just as a follow up — After some troubleshooting, we’ve removed this one from the mirror pool. Thanks David. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group On Mar 16, 2015, at 9:14 AM, Joel Esler (jesler) mailto:jes...@cisco.com>> wrote: David, I forwarde

Re: [clamav-users] ClamXav and Compressed Files

2015-03-27 Thread Joel Esler (jesler)
Dmg scanning was added a couple of versions back. -- Joel Esler Sent from my iPhone On Mar 27, 2015, at 3:11 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Thu, Mar 26, 2015 at 11:17PM, Dennis Peterson wrote: Forgot to include dmg files are as described when mounted - else they ar

Re: [clamav-users] ClamXav and Compressed Files

2015-03-30 Thread Joel Esler (jesler)
without having a "sig". Many milters will do the same without invoking clamav, so that's of limited value. A feature is a feature to someone. Not everyone finds it useful, but for the 10 people that do, it’s the most important thing to them. -- Joel Esler Open Source Manage

Re: [clamav-users] Clamscan infection that is not infected

2015-04-15 Thread Joel Esler (jesler)
ND If you believe you have a false positive, please submit it here: http://www.clamav.net/report/report-fp.html -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group

Re: [clamav-users] Clamscan infection that is not infected

2015-04-15 Thread Joel Esler (jesler)
Oh, sorry, didn’t see that Alain wrote this. Apologies. > On Apr 15, 2015, at 9:52 AM, Alain Zidouemba > wrote: > > Can you provide a checksum for your sample? > > Thanks, > > - Alain > > On Wed, Apr 15, 2015 at 9:50 AM, sanes wrote: > >> Why does clamscan show this file infection, but a

Re: [clamav-users] Clamav jar file

2015-04-20 Thread Joel Esler (jesler)
What are you referring to when you say “ClamAV Jar file”? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group On Apr 20, 2015, at 5:06 PM, Senthil Kumar M mailto:reachsen...@gmail.com>> wrote: Hi, I want to know how to get the Clamav jar file through Maven PO

[clamav-users] ClamAV® blog: ClamAV 0.98.7 has been released!

2015-04-29 Thread Joel Esler (jesler)
> http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html > > ClamAV 0.98.7 is here! This release contains new scanning features > and bug fixes. > > - Improvements to PDF processing: decryption, escape sequence > handling, and file property collection. > - Scanning/analy

Re: [clamav-users] ClamAV on XP

2015-05-06 Thread Joel Esler (jesler)
You may also want to use a version of Windows that has support. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group On May 6, 2015, at 3:20 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: You might find ClamWin easier to use <http://www.clamwin.com> -Al-

Re: [clamav-users] http://www.stats.clamav.net

2015-05-07 Thread Joel Esler (jesler)
That server is working off of old data. We haven’t built an interface for the new system yet. We actually need to take this old system down, and will when people transition to the newer versions of ClamAV. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group On May 6

[clamav-users] Fwd: [Community-sigs] Create your own ClamAV signatures with CASC

2015-05-14 Thread Joel Esler (jesler)
Sending this over to the users list as well: Begin forwarded message: From: Alain Zidouemba mailto:azidoue...@sourcefire.com>> Subject: [Community-sigs] Create your own ClamAV signatures with CASC Date: May 14, 2015 at 9:57:00 AM PDT To: ClamAV Community Signatures Submission List mailto:commun

[clamav-users] ClamAV® blog: Lurker is going End of Life

2015-05-18 Thread Joel Esler (jesler)
sdb list when the db updates are pushed. We plan on bringing lurker down and changing the links in the alert emails on Friday, May 22, 2015. Please be patient with us as we remove this system from the ClamAV network. -- Joel Esler Open Source Manager Threat Intelligence T

Re: [clamav-users] ClamAV® blog: Lurker is going End of Life

2015-05-19 Thread Joel Esler (jesler)
Here’s May’s archive: http://lists.clamav.net/pipermail/clamav-virusdb/2015-May/thread.html You can get to any of the archives here: http://lists.clamav.net/pipermail/ We’ll also be changing the links in the virusdb announce emails to point to these archives. -- Joel Esler Open Source Manager

Re: [clamav-users] unsubscribe

2015-05-27 Thread Joel Esler (jesler)
Why don’t you have access to the manual on github? > On May 27, 2015, at 1:21 PM, Cmos35 wrote: > > Good evening, > > Excuse me to come to you through this mail but the question that I asked her > begone find answers regarding freshclam.conf configuration and more because I > do not have acce

Re: [clamav-users] malware Html.Exploit.CVE_2015_0045

2015-05-29 Thread Joel Esler (jesler)
http://www.clamav.net/report/report-fp.html -- Joel Esler Sent from my iPhone On May 29, 2015, at 7:21 AM, Paul Martin mailto:paul.martin.b...@gmail.com>> wrote: Hello, I have many false positive when clamav detects "malware Html.Exploit.CVE_2015_0045", what can I do to

Re: [clamav-users] PUA and file descriptions

2015-05-29 Thread Joel Esler (jesler)
We implemented a naming convention about 3 years ago that we’ve been using since, things named before that were named.. somewhat loosely. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group http://www.talosintel.com On May 28, 2015, at 2:50 PM, Al Varnell

[clamav-users] ClamAV® blog: ClamAV 0.99b Meets YARA!

2015-06-03 Thread Joel Esler (jesler)
/. Please read more here: http://blog.clamav.net/2015/06/clamav-099b-meets-yara.html Since this is such a large feature, please help us by downloading, using, and testing this feature and reporting bugs via our usual methods here: http://www.clamav.net/contact.html -- Joel Esler Open Source

Re: [clamav-users] DAT File License

2015-06-13 Thread Joel Esler (jesler)
Gpl v2 -- Joel Esler Sent from my iPhone On Jun 13, 2015, at 6:54 PM, Trevor Vaughan mailto:tvaug...@onyxpoint.com>> wrote: Hi All, I apologize if I missed this, but I've checked through various FAQs and have not been able to determine what license the DAT files fall under. If

Re: [clamav-users] clamav-users Digest, Vol 129, Issue 18

2015-06-29 Thread Joel Esler (jesler)
On Jun 26, 2015, at 4:25 AM, Saeed Shaikh mailto:saeed_su...@yahoo.com>> wrote: Can we get the status plx The status of what? -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com

Re: [clamav-users] Freshclam Question

2015-06-30 Thread Joel Esler (jesler)
n Federation 194.8.197.22 - Europe - Germany 78.46.84.244 - Europe - Germany Not sure why, other than perhaps US code needs a lot of mirrors, so some have been placed outside US. One for the team I think to answer. Cheers, We’ll take a look at this and follow up. Thanks. -- Joel Esler Man

Re: [clamav-users] gpg key

2015-07-16 Thread Joel Esler (jesler)
er stuff. Anyway, we’re going to put it on the main site. Also going to move the downloads off of SourceForge. No time frame yet. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com

Re: [clamav-users] FP Detection / Reclassify Request

2015-07-16 Thread Joel Esler (jesler)
I’ve so marked it. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com

Re: [clamav-users] gpg key

2015-07-17 Thread Joel Esler (jesler)
Noticed that when I was poking around. -- Joel Esler Manager, Threat Intelligence and Open Source Talos Group Sent from my iPhone On Jul 17, 2015, at 9:10 AM, Bowie Bailey mailto:bowie_bai...@buc.com>> wrote: On 7/16/2015 7:33 PM, Joel Esler (jesler) wrote: On Jul 16, 2015, at 2:45 PM,

Re: [clamav-users] Unable to detect pdf virus

2015-07-28 Thread Joel Esler (jesler)
So you generated a brand new malicious pdf? (Trying to understand what the question is) Did you submit said malicious pdf to us? Perhaps you could write your own detection and submit it to us via the community signature program? -- Joel Esler Manager, Threat Intelligence and Open Source Talos

Re: [clamav-users] Fwd: Unable to detect pdf virus

2015-07-28 Thread Joel Esler (jesler)
Can you provide us with the hash for the file? -- Joel Esler Manager, Threat Intelligence and Open Source Talos Group Sent from my iPhone On Jul 28, 2015, at 7:43 AM, P K mailto:pkopen...@gmail.com>> wrote: Sure. I uploaded same. I wanted someone else to try to make sure its issue with

Re: [clamav-users] ftp.heanet.ie mirror problem

2015-08-04 Thread Joel Esler (jesler)
ACK on this guys. A lot of the guys are on the way to Vegas, or will be tomorrow. I’ve forwarded this email to the correct people in order to get things fixed. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com On Aug 4, 2015, at 7:47 PM

Re: [clamav-users] DB update and clamav-milter delay

2015-09-29 Thread Joel Esler (jesler)
Al, Thanks for bringing that up. Once a minute? That’s fairly excessive. Once an hour is appropriate… Overdoing it, but more appropriate. Keep in mind that the mirrors are donated to ClamAV and the bandwidth you are consuming is probably fairly heavy. If everyone did that…. -- Joel Esler

Re: [clamav-users] DB update and clamav-milter delay

2015-09-29 Thread Joel Esler (jesler)
atures? Don’t want to speak for the ClamAV team, but I’m sure they’d be welcome with ideas and feedback if you file a bug in the bugzilla system -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com

[clamav-users] ClamAV® blog: ClamAV.org relaunch, now with on page downloads!

2015-10-15 Thread Joel Esler (jesler)
t release, all current beta and development releases, as well as previous stable releases. Please be sure and report any bugs you may find to the web team here at ClamAV at: talos-...@cisco.com<mailto:talos-...@cisco.com> -- Joel Esler Manager, Talos Group

Re: [clamav-users] [Clamav-announce] ClamAV® blog: ClamAV.org relaunch, now with on page downloads!

2015-10-15 Thread Joel Esler (jesler)
On Oct 15, 2015, at 4:32 PM, Quanah Gibson-Mount mailto:qua...@zimbra.com>> wrote: --On Thursday, October 15, 2015 9:07 PM + "Joel Esler (jesler)" mailto:jes...@cisco.com>> wrote: http://blog.clamav.net/2015/10/clamavorg-relaunch-now-with-on-page.html Cl

[clamav-users] ClamAV® blog: ClamAV 0.99 Release Candidate has been posted!

2015-10-15 Thread Joel Esler (jesler)
Parker Andreas Schulze Yann E. Morin Andreas Cadhalpun Dmitry Marakasov Michael Pelletier Felix Groebert -- The ClamAV team (http://www.clamav.net/about.html#credits) -- Joel Esler Manager, Talos Group

Re: [clamav-users] 2 questions

2015-11-09 Thread Joel Esler (jesler)
Never mind, found it, has been updated. -- Joel Esler Manager, Talos Group On Nov 9, 2015, at 11:31 PM, Joel Esler (jesler) mailto:jes...@cisco.com>> wrote: Where do you see this documentation? I’ll get it changed. -- Joel Esler Manager, Talos Group On Nov 9, 2015, at 4

Re: [clamav-users] 2 questions

2015-11-09 Thread Joel Esler (jesler)
Where do you see this documentation? I’ll get it changed. -- Joel Esler Manager, Talos Group On Nov 9, 2015, at 4:10 AM, Michiel van Es mailto:m...@pragmasec.nl>> wrote: Hi, I got 2 questions: 1) I saw in the clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.

Re: [clamav-users] old stuff from Windows95

2015-11-16 Thread Joel Esler (jesler)
Please submit false positive reports on the website. http://www.clamav.net -- Joel Esler Manager, Talos Group Sent from my iPad On Nov 16, 2015, at 1:55 PM, ellanios82 mailto:ellanio...@gmail.com>> wrote: Hello List , - on my Linux desktop PC , i have some old Windows95 stuff still

Re: [clamav-users] LibClamAV Warning in conjunction with SWF Files

2015-12-11 Thread Joel Esler (jesler)
owever, when inflated, only equalled 486465. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-24 Thread Joel Esler (jesler)
Depends on a number of factors. It may help us, if you are looking into a particular threat, to provide us the hash of the file so we can look at it specifically. That being said, we're out of the office until Jan 4. -- Joel Esler Manager, Talos Group Sent from my iPhone On Dec 24,

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-24 Thread Joel Esler (jesler)
We wouldn't be examining the zip files anyway. Just the files inside. Since ClamAV decompressed the zip file. -- Joel Esler Manager, Talos Group Sent from my iPhone On Dec 24, 2015, at 8:05 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: Surely you cannot mean that all of thos

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-25 Thread Joel Esler (jesler)
Well, from the look of the email below, it's probably Dridex. Which means it's probably a word based macro downloader. -- Joel Esler Manager, Talos Group Sent from my iPhone On Dec 25, 2015, at 3:24 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: I’m a novice at signat

Re: [clamav-users] ClamAV not detecting viruses

2016-01-01 Thread Joel Esler (jesler)
We receive millions of samples a day. Bringing the shas or md5 of the file to the list helps us look at what you guys are seeing. -- Joel Esler Manager, Talos Group Sent from my iPhone On Jan 1, 2016, at 12:37 PM, Andrew Wood mailto:andrewjamesw...@ymail.com>> wrote: On 01/01/16

Re: [clamav-users] Is it a real attack?

2016-01-17 Thread Joel Esler (jesler)
You didn't attach anything. -- Joel Esler Manager, Talos Group Sent from my iPhone On Jan 17, 2016, at 10:47 AM, Jota Pe <jotape1...@yahoo.com> wrote: I performed a ClamAV scan of all my desktop PC and the result (it is attached) tells me about some possible infection

Re: [clamav-users] Win.Adware.Softpulse-215 FP

2016-01-19 Thread Joel Esler (jesler)
I have been told that all of these have been corrected already. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com On Jan 18, 2016, at 1:51 AM, Al Varnell <alvarn...@mac.com> wrote: I’m hearing from a couple of ClamXav users th

Re: [clamav-users] Virus-Datebase-Updates?

2016-01-19 Thread Joel Esler (jesler)
. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com On Jan 17, 2016, at 11:45 PM, Walter H. <walte...@mathemainzel.info> wrote: Hello, I want an explanation, why not adding? (as this would bring ClamAV into a total wrong view: &q

Re: [clamav-users] Win.Adware.Softpulse-215 FP

2016-01-21 Thread Joel Esler (jesler)
emoved, so I’ll try to pursue that > last one. > > But now those three files are being identified as Win.Trojan.Agent-953878. > Should I resubmit the file with that infection name? > > -Al- > > >> I have been told that all of these have been corrected

Re: [clamav-users] Win.Adware.Softpulse-215 FP

2016-01-21 Thread Joel Esler (jesler)
and scan the billions of malware samples we have every time we push an update. -- Joel Esler Manager, Talos Group On Jan 21, 2016, at 7:46 AM, Al Varnell <alvarn...@mac.com> wrote: Done. -Al- On Jan 21, 2016, at 4:06 AM, Joel Esler (jesler) wrote: Please? Sent from my iPho

Re: [clamav-users] ClamAV DB support

2016-01-27 Thread Joel Esler (jesler)
You could just use ClamAV. -- Joel Esler iPhone On Jan 27, 2016, at 4:50 AM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: On 20.01.16 19:02, Julian DeMille wrote: Would it possible for me to use the ClamAV virus DB to supply my new program with virus definitions? do yo

Re: [clamav-users] Freshclam Non-repudiation

2016-01-31 Thread Joel Esler (jesler)
We are more than willing to work with any 3rd party signature house to incorporate the detection into the official DB. -- Joel Esler Manager, Talos Group On Jan 29, 2016, at 5:53 PM, Benny Pedersen <m...@junc.eu> wrote: On 2016-01-29 23:28, Al Varnell wrote: Not sure how you

Re: [clamav-users] undefined signature ? Win.Trojan.Win64-166

2016-02-02 Thread Joel Esler (jesler)
Unfortunately, the system that presently publishes the ruleset (which we are building a replacement for (more details to come)), and sends the email, does not perform this function as a single step. Someone may have published without clicking the “send email” button. -- Joel Esler Manager

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
We're double checking everything. Thanks for your patience. -- Joel Esler iPhone On Feb 15, 2016, at 4:53 AM, Mark Allan <markjal...@gmail.com> wrote: Hi, I've been getting this for a few days. The first time I received it, the rogue sig was removed from the DB sh

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
Gerald, We need to verify that we've received your file, and this is something we are working on. That being said, we receive millions of samples a day, so it helps, if you want to point out the hash of the file to us on the list, we can get to it. -- Joel Esler Manager, Talos Group

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
That's preferable. But any hash will do. -- Joel Esler Manager, Talos Group Sent from my iPad On Feb 15, 2016, at 10:53 AM, "gerald.ve...@gmail.com" <gerald.ve...@gmail.com> wrote: Hi Joel! Of course, I understand! What has

Re: [clamav-users] FP System

2016-02-16 Thread Joel Esler (jesler)
There actually is :). There are at least four parts to the FP reporting system, and I have my team on it. -- Joel Esler Manager, Talos Group On Feb 16, 2016, at 6:17 AM, Al Varnell <alvarn...@mac.com> wrote: Agree. We’ve been saying this for a couple of days now and Joe

[clamav-users] ClamAV FP/Malware Submissions

2016-02-16 Thread Joel Esler (jesler)
It appears that we have resolved the issue with FP/Malware submissions on ClamAV.net<http://clamav.net>. We apologize for any error and inconvenience. Please let me know if you encounter any other errors. -- Joel Esler Manager, Talos
