"?
I also hava a question about "MaxZipTypeRcg".
"MaxZipTypeRcg" is for reanalysis the type of ZIP files, in what case does
reanalysis is performed?
best regards,
Tsutomu Oyamada
___
Help us build a comprehensive ClamAV guide
Hi,
We like to know when a MaxQueue value of configuration file gives any influence
while clamd is scanning.
We are investigating matters of sessions with the following setteings.
Can we confirm MaxThreads by ptree command?
Could you teach us how to confirm behavior of configured value of MaxQueu
Hi, Steve,
Thanks your advice.
We’ll try clamdtop command.
BTW how it affects MaxQueue in clamd?
Best regards,
Tsutomu Oyamada
On Tue, 18 Feb 2014 16:13:15 -0500
Steven Morgan wrote:
> Tsutomu,
>
> Take a look at the clamdtop command. There are also some unix commands that
>
Hi,
A false positive which detects normal file as a malware
"win.Trojan.Bancos-2115" was occurred last week.
It was started CVD version 21359 and was fixed by 21362.
Could you tell us what was the cause of this false positive?
And also, could you tell us what steps do you take to prevent false po
level of tests you make ?
Tsutomu Oyamada
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
There are still positives "Zip.Suspect.MacroDoubleExtension-zippwd".
(see attached file)
To resolve this false positive when it does?
On Wed, 17 Feb 2016 20:16:02 -0800
Dennis Peterson wrote:
> My experience with these kind of failures is that the pattern is not properly
> anchored or the writ
.
Could you tell us the cause of this error and how to solve it?
Best regards,
Tsutomu Oyamada
Promark Inc.
Japan
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
sigs: 53, f-level: 63, builder: neo)
Database updated (4860919 signatures) from m82pxl1g (IP: 192.168.16.80)
Best regards,
Tsutomu Oyamada
Promark inc.
Japan
On Thu, 29 Sep 2016 17:15:01 +0200
Reindl Harald wrote:
>
>
> Am 29.09.2016 um 17:05 schrieb robin.wakefi...@ubs.com:
Sorry,
We were confused.
Version 0.97.8 and is older.
We upgraded the 0.98.1 version of ClamAV.
Once you do so without any problems now.
T.O
On Fri, 30 Sep 2016 12:11:49 +0200
Matus UHLAR - fantomas wrote:
> On 30.09.16 00:01, Tsutomu Oyamada wrote:
> >Following error is showed whe
Hi,
We like to know the Malware Detection Rate of ClamAV.
We are finding "False positive" as ClamAV scanning result in our developing
environment.
It is very rare or allmost nothing for us to find "false positive" from other
vendors AV products
such as Sophos or Symantec in the same environment.
Hi, all.
We are in a problem of detection error (false positive) against a file.
We are receiving complaint for this issue from one of our customers every day.
We put the sample file on http://www.clamav.net/reports/fp 2weeks and more days
ago
at some times.
However, we have not gotten any new c
> -Al-
>
> On Tue, Nov 08, 2016 at 10:52 PM, Tsutomu Oyamada wrote:
> >
> > Hi, all.
> >
> > We are in a problem of detection error (false positive) against a file.
> > We are receiving complaint for this issue from one of our customers every
>
Hi, All.
We know CVD version information is published in DNS TXT record, this
record's TTL values, 1800 seconds is currently is. This value is the
same from the previous?
Also in freshclam download old versions of CVD(one day ago) in local
mirror environment, we will succeed.
I thought I was bou
Varnell wrote:
> I'm having difficulty following some of your questions and have no answers
> yet, but what exactly is your mirror environment (IPs)?
>
> Sent from Janet's iPad
>
> -Al-
>
> On Nov 23, 2016, at 7:10 PM, Tsutomu Oyamada wrote:
> > Hi, All.
In the present situation fail.
However, it did not fail one month ago.
I do not have log had been successful.
Want to know why should I fail to have succeeded in that.
On Thu, 24 Nov 2016 01:19:20 -0800
Al Varnell wrote:
> What is no longer working fine now?
>
> Do you have some example freshc
icult for you to explain in what is to you a foreign language, but I
> don't think we are able to figure out just what is not working ...
>
> Tsutomu Oyamada wrote:
>
> > In the present situation fail.
>
> What is failing ?
>
> Does your local mirror upda
e you ran freshclam from a client computer on your local network.
>
> -Al-
>
> On Fri, Nov 25, 2016 at 01:57 AM, Tsutomu Oyamada wrote:
> >
> > Sorry,
> >
> > The part of freshclam log is as follows;
> >
> > ClamAV update process started at Sat No
Hi, all.
I have a question about the error which is caused by the shotage of the size
acquired by mpool_malloc function on clamd version 0.97.8.
the message:
mpool_malloc(): Attempt to allocate 8388608 bytes. Please report to
http://bugs.clamav.net
This error does not exist in version 0.98 and
Hi, all.
We are using clamd 0.99.2 with PCRE.
The required time for scan varies significantly by the CVD version.
Does the the required time for scan depend on the number of signatures for PCRE
which are inside the CVD?
When we use clamd without PCRE, the required time for scan are not so differe
Hi,
The false positive for omni.ja is still ocurring.
I have been reported this many times, but it has not fixed yet.
I have been troubled with this issue.
What am I supposed to do?
On Sat, 23 Sep 2017 09:53:30 -0400
Gene Heskett wrote:
> On Saturday 23 September 2017 03:59:17 Al Varnell wro
sted as dropped by ClamAV yet.
>
> Different versions of Firefox on different platforms.
>
> -Al-
>
> On Thu, Oct 19, 2017 at 10:24 PM, Gene Heskett wrote:
> On Friday 20 October 2017 00:24:20 Tsutomu Oyamada wrote:
> Hi,
>
> The false positive for omni.ja is st
or the file you submitted.
>
> Sent from my iPhone
>
> -Al-
> --
> Al Varnell
> Mountain View, CA
>
> > On Oct 23, 2017, at 9:50 PM, Tsutomu Oyamada
> > wrote:
> >
> > Hi, Joel.
> >
> > Thank you.
> > The issue of fals
Thank you Joel.
On Wed, 25 Oct 2017 13:05:42 +
"Joel Esler (jesler)" wrote:
> This has been dropped as well.
>
> --
> Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com>
>
>
>
>
>
>
> On Oct 24, 2017, at 5:11 AM,
Hi,
It looks like that Updating of CVD in database.clamav.net is not working
(stopping).
Do you have any trouble problem happened?
We are in Japan, and it set CNAME for database.clamav.net as
db.jp.clamav.net.
db.jp.clamav.net has 4 IP addresses and those are working in roundrobin.
Every sites ar
Hi all,
It's also talked about in this thread
CVD version 26199 causes the following error in ClamAV version 0.99.2:
Can't open file or directory ERROR
We have identified the signature of the problem in CVD version 26199.
Win.Loader.Boxter-9870959-0
If you ignore this signature, you can scan w
Hi, all.
I hava a question about ClamAV 0.104.2 on IBM AIX7.3 system.
It takes time to scan PDF files by clamdscan.
it takes about 8 seconds to scan PDF file(total 645 page).
(sample file is here: https://www.uinet.or.jp/LPBB0010-10.pdf)
# /opt/freeware/sbin/clamd -V
ClamAV 0.104.2/26663/
How do I set up clamd?
Setting MaxFileSize to "0" is unlimited, but internally files larger than 2GB
in size cannot be scanned.
In this case, do you treat the file as clean without scanning it at all?
___
Manage your clamav-users mailing list subscrip
(micasnyd\) via clamav-users"
wrote:
> > Tsutomu Oyamada asked what actually happens when a large file is
> > scanned, not why the limit is there.
>
> The default behavior is to treat the file as clean if any of the scan limits
> are exceeded (scan time, scan size, file siz
Hi all,
We use the services of clamd to scan files.
The version of clamd is 0.103.4.
After scanning some files, it will be "Can't allocate memory ERROR". However,
with 24GB of memory on the system, there is no possibility of running out of
memory. I have tried it on several systems, but I think
52.zip
> lwiservice.exe
> NativeFile.dll
> org.eclipse.core.filesystem.win32.x86_1.1.0.v20070510.jar
>
> Thanks,
> Andy
>
>
> From: clamav-users on behalf of
> Tsutomu Oyamada
> Sent: Wednesday, February 1, 2023 8:36 AM
> To: Cla
2023:02:16 07:35:28
End Date: 2023:02:16 07:35:55
# freshclam -V
ClamAV 0.104.2/26814/Thu Feb 16 03:40:04 2023
After all, isn't something wrong?
On Thu, 9 Feb 2023 15:06:16 + (GMT)
Andrew C Aitchison via clamav-users wrote:
>
> On Thu, 9 Feb 2023, Tsutomu Oyamada wrote:
>
Hi, all
We received following report from one of our users.
The user is uisng Clamd0.103 on AIX7,2.
When clamd with the option "ArchiveBlockEncrypted" ON scans a specifc PDF which
is locked for editing, it is detected as "Heuristics.Encrypted.PDF FOUND".
The PDF is locked for editing, but not lo
Hi,
Thank you for your reply.
I understood very well.
It was useful to me.
Regards,
T.O
On Wed, 11 Oct 2023 15:40:37 +0300
Maxim Britov via clamav-users wrote:
> On 10.10.2023 13:32, Tsutomu Oyamada wrote:
> > Hi, all
> >
> > We received following report from one of our u
Hi, all.
I have two question about the clamdscan;
1) Does the clamd skip scanning the files which are scanned before?
I want to know if the clamd remember which files are scanned, and skip them
when the scan is performed again.
2) Is there any case that a file is locked by the clamd (user cann
ed
> it being locked.
>
> Sent from my iPad
>
> -Al-
>
> > On Mar 15, 2018, at 1:12 AM, Tsutomu Oyamada
> > wrote:
> >
> > I have two question about the clamdscan;
> >
> > 1) Does the clamd skip scanning the files which are scanned b
Hi Micah
It seems that the scanning slow down issue of this time has been solved
at some level with CVD Update of the other day.
However, there is still big discrepancy in between the current condition and
the last condition in one month ago.
DateFiles Scan time
2019/02
Hi, all
I am trying to build ClamAV 0.101.3 on AIX6.1.
I did the following procedure, but it fails to make.
What can I do?
Excuse me in a long sentence below.
1. Download clamav-0.101.3.tar.gz package.
2. Extract package.
3. Execute configure
AR="/usr/bin/ar -X64" LDFLAGS="-maix64 -Wl,-bbigtoc -
Hi Micah,
I'm sorry for the slow response.
It was another issue on AIX6.1, but your advice was helpful in AIX7.1.
I was able to build correctly in my environment.
Thank you so much.
Regards,
Tsutomu Oyamada
On Tue, 13 Aug 2019 16:14:48 +
"Micah Snyder \(micasnyd\) via clamav-user
Hi, all.
Let me know about the clamd process boot sequence on Linux.
There are two processes temporarily at clamd startup, is this a specification?
Is this going to be three or more?
On my system, after booting, it is in a state of following a few seconds.
ps -aux
root 75687 100 44.2 94412
nding on the system.
If the clamd process is using an official CVD file, it will require 2GB
or more of the system's memory.
Thank you so much.
Betregard,
T.O.
On Mon, 20 Apr 2020 14:21:00 +0100 (BST)
"G.W. Haywood via clamav-users" wrote:
> Hi there,
>
> On Mon, 20 Ap
Hi, Mark
Thank you for your reply.
The RAM size of my system is 4GB.
I think it's not a system spec issue, it's a CVD issue.
This is because an event occurred in the CVD update.
Regards
T.Oyamada
On Sat, 31 Oct 2020 14:10:29 +
Mark Fortescue via clamav-users wrote:
> How much memory is a
41 matches
Mail list logo
