Just wondering (i'm trying to understand), my CG Pro and ClamAV find the
virus in the message correctly. The msg is discarded and put in
Quarantine. Ok, so I tried a manual scan afterwards on this .msg file
with clamscan (example below) but it can't find a virus. Is there a
reasonable explanat
Fajar A. Nugraha wrote:
Interesting. Can you make the .msg file available online? I'd like too
see it.
Thanks, it's available at http://pot.catsanddogs.com/~kristof/40820.msg
System is Red Hat 9,
running CgPro and cgpav-1.3
What? A 1.3 already? I didn't know. Thanks for mentioning.
I've only imp
Recently I read somewhere(this list?) about
a website that can send eicar tests in different
formats to an email address. www.testvirus.org.
Tried it too..
Tests 7 and 10 pass through. (but they are catched by our extension filter)
The additional tests that fail are:
#17 Outlook 'Space Gap' vuln
Just informing some of you that the upgrade to 0.66 went good on my RH
9, CGPro 4.1.4, cgpav-1.3a.
Now, something completely different, wouldn't it be usefull to have some
'spare' viruses of the latest detected available somewhere? (web/ftp
site?) Would be a neat way to show management it
Antony Stone wrote:
In other words, a highly risky and rather dangerous way of showing people
something you could fake just as effectively if you want to impress
non-technical management. (If technical management, who can see through
something like this, advocate testing a production system wi
David A. Lee wrote:
I tried using this attachment and it causes my clamscan to report "Malformed
As a quick, temporary fix, you can use the attached file, containing the
Works fine here. I copied the contents into my clipboard and created a
new file with vi while logged into my linux.
I have tracked down the segfault to libclamav/str.c cli_strtok which is
running off the end when called from cl_cvdparse looking for the digital
signature. I am not a C programmer, but it looks like one or more of the
servers has a malformed main.cvd which is breaking the 513 bytes allocated.
Clamd (v067-1) on our CGPro just reported:
Mon Mar 1 14:16:10 2004 -> /tmp/cgpavyuPWe6: Suspected.Zip FOUND
Now, I have searched the mailing list archives and did a "sigtool
--list-sigs | grep -i Suspected" but could not find this anywhere.
Any idea what this might be?
Ps, Bagle.A3 now als
Joe Kletch wrote:
sigtool --list-sigs
Does not work on my install. Is the best way to get this corrected to
upgrade Clam 0.67?
mail burtonmayer.com $ clamd -V
clamd / ClamAV version 0.65
It can't hurt anyway to upgrade to v0.67-1. Maybe try finding it with
'whereis sigtool' (or 'locate sigtool')
Ninetwoaccord wrote:
I wanted to make sure my archive scanning settings
were correct for clamd. I searched these email
archives and found that Archive support should be
turned on (it was) as well as StreamSaveToDisk (it
wasn't). I tested with StreamSaveToDisk and it still
did not find the virus.
Adrian Gurbina (main) wrote:
ccabbccacaa.zip : D:\Attachments\ccabbccacaa.zip is infected with the
[EMAIL PROTECTED] virus output from NAV/Symantec
so clamscan dont know any virus related to Beagle?
i use the latest update related to the virus database
how do we fix this problem?
try out http://ww
Vernon A. Fort wrote:
I noticed that virusdb was updated, according to the clamav-virusdb
list, to daily version 226 but my freshclam is still reporting that 225
is the latest. Am I missing something?
I seem to be having 227 already. ClamAV is v0.70-rc here.
You're not using a proxy or something
Just to inform..
The update to 0.70 (from 0.70rc1) went perfect.
System used is Red Hat Linux 9 and CommuniGate Pro as mailserver. cgpav
1.3 as interface between the 2..
This SF.Net email is sponsored by: IBM Linux Tutori
Ralf Guenthner wrote:
ClamAV update process started at Wed Apr 28 16:00:00 2004
main.cvd is up to date (version: 22, sigs: 20229, f-level: 1, builder:
daily.cvd is up to date (version: 291, sigs: 1072, f-level: 2, builder:
Colin A. Bartlett wrote:
NICE! We do something similar.
I have a script that parses the log file and reads it into SQL. From there,
the rest is easy.
Just some wishfull thinking.. Would any of you care to share some sam
not correct indeed, you're not 'running' v0.71..
freshclam -V
if that doesn't say v0.71, you have got 2 copies of freshclam (and the
others, clamd, etc..) on your system..
try 'whereis freshclam' or 'locate freshclam' to find it out..
Your ClamAV installation is OUTDATED with 0.71
This seems
Just wondering, sometimes a mail slips through with the netsky.z
variant.. clamav detects any virus, except this one, it sometimes
doesn't get caught.
I'm running communigate pro with the cgpav helper on red hat9, clamav is
0.72 and freshclam runs once an hour..
Any idea why this might be?
Trog wrote:
On Fri, 2004-07-30 at 10:17, Giorgio Bellussi wrote:
Online scanner http://www.gietl.com/test-clamav/ doesn't recognize
mabutu.a (same way as clamav-0.75)
clamav-devel-20040728 contains a UPX unpacker, clamav-0.75 does not.
Hence, it is able to unpack the file and finds the worm.
and h
Doug Hardie wrote:
I have been running clamav for quite some time now. For most of that
time I was receiving between 1500 and 2000 viruses per day. However,
lately the number is down to about 200 per day. I don't have any users
complaining about receiving viruses so I don't think there is a p
19 matches
Mail list logo