Hi,
I had recently upgrade to 0.97.8 and having problem scanning a virus within rar
clamscan test.rar
test.rar: OK
If i uncompress it.
clamscan Label_test.exe
test.exe: Win.Trojan.PSW-13 FOUND
I have enabled the below in clamd.conf
ScanArchive yes
ScanPE yes
Did i missed out anything?
regar
> > > Did i missed out anything?
> >
> > clamconf output ?
> >
> > search for libunrar
Don't seem to have that library
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.cl
> > Don't seem to have that library
>
> compiled from source ?
>
> its part of clamav this lib
>
> maybe just have an old lib that is not working with 0.97.8 installed ?
>
> clamconf shows imho compile options, cant remember if it can be
> disabled, since i use gentoo where it works
installed
> > It is not built in the Fedora RPMBuild process as a result. I build
> > my own RPM files and don't include it either.
Would you share your rpm or src with me?
> unrar is free, rar is paid, why the heck rpm have precompiled problems
> is beyong me
I wonder why epol Packager does not enabled
removed by the package maintainer (even though support for rar is still
> included in the clamav code) after we released 0.97.8 and the package
> maintainer updated the package
> 11:32 < nirik> until recently there was no rar support in fedora or epel.
>
>
> On Mon, Jul 8,
Hi,
Just putting across that rar is not a requirement and it is not supported. Only
unrar is, and it is not incorporated in the 0.97.8 epel build.
Thanks
Nic
Regards
Nic
On 8 Jul, 2013, at 11:49 PM, "Dennis Peterson" wrote:
> On 7/8/13 8:39 AM, Nicholas Chua wrote
Hmmm. Isn't there a libunrar?
Regards
Nic
On 9 Jul, 2013, at 11:34 PM, "Joel Esler" wrote:
> We're just going to have to recommend that you build from source on Fedora.
> We'll have to put something on the website about it. The maintainers for
> Fedora will not build unrar into Fedora as it
>
> http://www.rarlab.com/rar/unrarsrc-5.0.7.tar.gz
>
> ignorants
Calling yourself?
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Hi,
I noticed that signatures are missing. Is this normal?
An example.
Purchase Order123.iso: Win.Trojan.Agent-6480597-0 FOUND
Regards
nic
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mai
> What do you mean by missing? It's still in my database...
>
> $ sigtool -fWin.Trojan.Agent-6480597-0
> [daily.hsb]
4c26f2d46400405f253c26e85ceadd51:507904:Win.Trojan.Agent-6480597-0:73
>
> Added by daily 24409 on or about 21 March.
This is the file which is being detected before. Now it is not
>> [root@fantastic Test]# clamscan ../Virus/Purchase\ Order123.iso
>> ../Virus/Purchase Order123.iso: Purchase Order123.com.UNOFFICIAL FOUND
>
> You are using some unofficial signatures, and this one has already
detected that file as infected, so no additional signatures will be checked.
If you
The domain clamav.org is not registered anymore. I did not mantain the
domain since a few months back after I was posted to Malaysia 2 months ago.
regards
---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or
> At 08:47 AM 12/10/2003, Nicholas Chua wrote:
> >The domain clamav.org is not registered anymore. I did not mantain the
> >domain since a few months back after I was posted to Malaysia 2 months
ago.
>
> well, clearly the domain *is* registered, as it's reachable and the
> On Thu, 11 Dec 2003 at 0:47:57 +0800, Nicholas Chua wrote:
> > The domain clamav.org is not registered anymore. I did not mantain the
> > domain since a few months back after I was posted to Malaysia 2 months
ago.
> >
>
> It's a pity that you didn't infor
>I'm sorry to hear that you totally ignored that really important thing
>to us, Nicholas. I have the last question to you: Why did you buy
>www.clamav.org and what was your intention in doing it ?
I am not kidding. Certain parts of Malaysia are still in thick jungles. The
place i am in has electr
Tomasz Kojm wrote:
>> can anyone tell if the 0.51 works with qmail-scanner 1.14?
>
> Yes, it works. The softlimit should be about 10 Mb.
I realised as the database gets bigger it requires more. I am using 16mb now
with about "Known viruses: 2146"
-
any idea?
[EMAIL PROTECTED] root]# freshclamChecking for a new
database - started at Fri Oct 11 19:00:42 2002Current working dir is
/usr/local/share/clamavConnected to clamav.elektrapro.com.Reading md5
sum (viruses.md5): ERROR: Malformed md5 checksum detected.ERROR: Can't get
viruses.md5 s
> It's a bit confused here, from the http://www.clamav.org/snapshot/
> the most recent seem to be clamav-20030317.tar.gz, but I have here a
> snapshot clamav-20030331.tar.gz.
>
Please use the snapshot clamav-20030605.tar.gz from
http://clamav.elektrapro.com. I am in the mist of updating clamav.or
> I appear to be getting a large number of false reports of
> Exploit.IFRAME.Generic in old Mozilla and Netscape cache files after the
> db update on Friday.
That means you are hit by the JS.FORTNIGHT virus. Norton Antivirus picked
them up on my emails when that sig was not added into the db.
--
> I caught it in my Antivirus/File blocking procmail filters, which is how I
> know it got through.
Have you updated your virus def/sig using freshclam? The sig was added some
days back.
> Since I have NO idea how to write an effective signature rule, any chance
> one of you more knowledgeable ty
> If I already have clamav installed and want to install a new snapshot, do
> i just install it like normal and it will overwrite old files? Thanks.
>
That will be alright.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For addi
Well, I have the same problem too.
Symantec Email Proxy deleted the following email message:
From: "Diego d'Ambra" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: RE: [clamav-users] FortNight virus
I got this reply from norton after i enable email scanning immediately after
Fajar wrote his
use the lastest snapshot. 0.54 and below do not have the mirror.txt
- Original Message -
From: "Ed Greenberg" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 11, 2003 12:35 AM
Subject: Re: [clamav-users] mirrors.txt
> My /usr/local/share/clamav contains only viruses.db
> I'm not totally convinced.
>
> The files reporting the Exploit.IFRAME.Generic virus are Mozilla cache
> files from Dec 2001 (archived data) and were "OK" last week.
> Now I have over a dozen of them.
> Norton does not find a virus in the same files.
I still do have the files. If you want, i can
The files which i submitted to the virus ml. These files are detected by
norton as Js.Fortnight.
regards
Steven J. Reilly writes:
What files??
Steve
On Tue, 2003-06-17 at 10:32, Nicholas Chua wrote:
> I'm not totally convinced.
>
> The files reporting the Exploit.IFRAME
> Looks like it is catching it today!
> Thanks
If you like, sign up [EMAIL PROTECTED] maillist. Whenever a new
sig is added, you will be informed.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [E
> my qmail just went down this morning
> and it leave this error msgs at smtp log:
>
> @40003ef654c7299bb1fc
X-Qmail-Scanner-1.16:[ns.ck-pttuntex.com10563309394263276] clam_scanner:
corrupt or unknown ClamAV scanner error or memory/resource/perms problem -
exit status 50
>
> and in the clie
Hi list
had tried to make version 0.54 and encountered the following error.
In file included from
zziplib/zzip-dir.c:15:zziplib/zzip-file.h:20:18: zlib.h: No such file or
directorymake[1]: *** [zzip-dir.lo] Error 1make[1]: Leaving directory
`/var/src/clamav-0.54/libclamav'make: *** [all-
> What is your clamav version ? Do you know the exact date when that
happened ?
I think its 23rd June .
Checking for a new database - started at Mon Jun 23 10:16:21 2003
viruses.db is up to date.
ERROR: The checksum of viruses.db2 database isn't ok. Please check it
yourself o
r try again.
Please ignore the previous email. i found the
solution in the archives. sorry.
regards
> Jun 30 10:13:14 mail X-Qmail-Scanner-1.16:
[mail.mydomain.com10569823944261775] clam_scanner: corrupt or unknown ClamAV
scanner error or
> memory/resource/perms problem - exit status 50
If i am not wrong, this question should be asked in the qmail maillist.
Anyway, increase your softlimit to a
> deferral: 1.2.3.4_failed_after_I_sent_the_message./Remote_host_said:_451
> _qq_temporary_problem_(#4.3.0)/
> I am using clamscan 0.54 with qmail and qmailscanner:
> X-Qmail-Scanner-1.15:[] clam_scanner: corrupt or unknown ClamAV
> scanner/resource problems - exit status 50
The solution for this
>Anybody can detect this virus using clamscan command >line?
This virus is Worm.Sobig.C which is already detected by ClamAV. You might be
interested in amavisd-new.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
someone help me
to verify it?
thanks & regards
nicholas chua
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi Jason,
> > After removing the signature for Worm.Nicehello.A everthing works again
> > as before.
>
> I don't know why that might happen, but try this one instead:
>
> Worm/NiceHello
(Clam)=c142d43b0b6f6c612cd3200d51df54126f20656c20b667d1d7ba6f096675656e16710
61d70ad8af606816574692925dededeba61
> I actually use spamassasin. This is the shell script in
> qmail-queue:
> #!/bin/sh
> /opt/spamassassin/bin/spamc -f | /var/qmail/bin/qmail-queue.orig
>
> It works like a charm. But now, I want to use clamav. It´s installed
> and the daemon is running.
>
What i did was to install clamav and spamm
W.D. McKinney wrote:
> Is the MSBlast worm in clamav db2 yet ?
> http://clamav.elektrapro.com/cgi-bin/sendvirus.cgi does not show it ?
If i am not wrong, it is been detected as Worm.Blaster.A
---
This SF.Net email sponsored by: Free pre-built
37 matches
Mail list logo
