ordpress... ;)
On a side note it's rather curious that wordpress, which advertise
itself as an OSS project is actually shipping lamed/obfuscated code.
Oh well...
Apologies again,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.
Trojan.Downloader.JS.Agent-2 (and 1) hit a load of
> legimate sites. Haven't bothered to report since noone has complained that
> surfing is affected.
Guys,
You should update your virus db more often.
This has been fixed 2 days ago.
-aCaB
___
Henrik K wrote:
> On Wed, Apr 09, 2008 at 03:53:16PM +0200, aCaB wrote:
>> Henrik K wrote:
>>>> But I have another one, also without PUA ;-)
>>>> http://www.beta.wetter.com/lib/js/1d7c7a52.js -->
>>>> Trojan.Downloader.JS.Agent-2
>>>>
Henrik K wrote:
> On Wed, Apr 09, 2008 at 04:49:17PM +0200, aCaB wrote:
>> Henrik K wrote:
>>> On Wed, Apr 09, 2008 at 03:53:16PM +0200, aCaB wrote:
>>>> Henrik K wrote:
>>>>>> But I have another one, also without PUA ;-)
>
the bug was fixed in
revision 3819.
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
ease a CVS for the same?
Hi ANANT,
The bug is fixed in SVN, please give it a try.
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
gt; unpack it to try to see if the code does contain any malicious content.
Hi Steve,
Thanks for the report, however the bad signature was removed ~30 hours ago.
You'd better run freshclam more often.
-aCaB
___
Help us build a comprehensive ClamAV g
.so.1
>
> do you actually have the symbols?
Guys please check this:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1038
There's a patch attached to solve this compilation issue.
Sorry for the trouble,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
GMT with daily update 7388.
Apologies.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Marcus Neukert wrote:
> Forwarding to clamav-users-list, hoping for an answer ...
Please take a look at
http://lurker.clamav.net/message/20080129.163022.5183157e.en.html
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.
nloading the tarball with the
database, use svn. It's exactly the same stuff.
Your choice.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Hi all,
This is been worked around with a signature update (daily 8262).
A definitive (in-the-code) solution will be inculded in 0.94.1
Thanks everyone,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http
you can try passing -fdpass to clamdscan.
> - Is the solution to launch clamd under my user safe ?
This would work too, however you need to make sure that clamd can access
the database and the log files (if any).
aCaB
___
Help us build a compreh
quot; (often called just "check") or don't bother
with make check at all. :)
Make check doesn't provide any special functionality to the code, it's
just a library to help developing unit_tests.
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
u need to create a custom zmd signature.
See http://www.clamav.net/doc/latest/signatures.pdf - paragraph 2.4
Just set the "filename" field to something like ".*\.zip$", "encrypted"
to 0, whatever you like for the "virusname" an
with -O2
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
en if not as a top priority we care about non-gcc compilers.
Cheers,
-aCaB
P.S.: AIX is another platform we are currently unable to test, again
shell access is welcome.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
st a FYI, you can call libtoolize (or autoreconf) just don't use the
--force option.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
a fix is already scheduled for 0.95
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1194
If you have any suggestions just add them there, thanks.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
ng ? Please clarify.
Hi Babu.N
I would recommend to contact Sensory Networks directly for better support.
Anyway...
The old patch for nodalcore support has been kept in the source code
under /contrib/hwaccel.
It probably doesn't cleanly apply anymore at this point but it shoul
;s definitely not smart
when only a limited number of scanners (2-3) is available.
Please take a look and send back bug reports, comments, suggestions,
requests, patches, flames, whatever.
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
etter luck at http://www.webmin.com/
Take care,
acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
mav.net/message/20081205.152347.a7d7c9ee.en.html
for more details.
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
-
Try:
host -t txt current.cvd.clamav.net
Should return something like:
current.cvd.clamav.net descriptive text "0.94.2:49:8967:1234189743:1:38"
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Steve Ladewig wrote:
> The nameservers seem to be out of sync.
Confirmed,
we're working on it.
Thanks!
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
aCaB wrote:
> Confirmed,
> we're working on it.
DNS issues should be gone by now.
Cheers,
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
;
The bug has just been fixed in svn however there's another bug in clamd
so communication is still broken. This other issue has been located and
it's about to be fixed as well.
Keep an eye at the svn ChangeLog.
Cheers,
-acab
___
Help us
aCaB wrote:
> This other issue has been located and
> it's about to be fixed as well.
Fixed in svn
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Steve wrote:
> Unfortunately, no change.
That's likely because you didn't update the svn checkout or recompiled,
or reinstalled, or restarted the daemons.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/
Steve wrote:
> send test message to myself, and the mail log shows
Hi Steve,
please try r4793, it should be fixed.
If not please open a proper bug report on the bugzilla.
Cheers,
acab
___
Help us build a comprehensive ClamAV guide: visit h
Steve wrote:
> Yaaay! That's fixed it. Many thanks.
Hi Steve,
Thanks to you for testing the software and reporting problems.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Bill Landry wrote:
> I checked after clamd was stopped, and neither the Pid nor Socket files
> existed, which is probably why they could not be unlinked. Should I
> open a bug about this or is this a known issue?
Yes, please.
-aCaB
___
Help u
like this:
Message from to infected by ClamAV-Test-File
- Full results in a line like this:
Message 7C13E1266B2 from to with subject
'This is a virus' message-id '' date 'Thu,
19 Mar 2009 17:00:54 +0100' infected by ClamAV-Test-File
Do you need more fields?
Cheers
obin, it was not possible to reuse the
3-way splitted (LocalSocket + TcpAddr + TcpSocket) wording from clamd.conf.
With that in mind, unifying clamd to the (very recent) milter syntax
(potentially breaking existing setups) seemed to me not a good idea.
-aCaB
_
Vincent Aniello wrote:
> Since upgrading to clamav 0.95 I am getting the log message "fd[10]: OK"
> appearing in my clamav log file. Clamav is configured to log to syslog.
> Also, I am logging clean messages.
Hi Vincent,
Turn off LogClean in c
on clamd.
All you have to do is to tune clamd.conf so that it suits your needs.
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
christian wrote:
> but: how?
The easier option is probably to build clamav-milter from 0.94.2 and use
it together with clamd from 0.95.
http://downloads.sourceforge.net/clamav/clamav-0.94.2.tar.gz
--aCaB
___
Help us build a comprehensive ClamAV gu
and for the great ClamAV.
This is mandated by the safebrowsing ToS:
"Your application is not permitted to show warnings to end users unless
it has requested an update in the last 30 minutes without receiving an
error response."
http://code.google.com/apis/safebrowsing/deve
provided at make-clamav-milter-conf.pl
>
>
> What is the correct syntax for running this script?
https://wiki.clamav.net/Main/UpgradeNotes095
"Just invoke the script with the same parameters you were passing to the
old milter and then review all the preset options to
iginal
filename and its ouptut results in fd[N]: status
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
and parse the quantine queue
- probably more...
As you see nothing that can't be done with about 10 lines in a
(shell|perl|python|...) script.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
you require different config options for these (notably
phish detection enabled) then you need two instances.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Stable users, the issue will be fixed in the upcoming 0.95.1 version
which is to be released soon. In the meantime it is recommended to set
LogInfected to Off (the default) or Basic in clamav-milter.conf.
For full details see:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1522
Thanks,
-aCaB
aintainers and sysadmins can usually do a much better job.
Moreover many scripts were flawed, not very tunable and none of them got
upgraded to the new milter...
At some point people started complaining (search this very ML archives)
and so they got removed.
Incidentally the /contrib dir is never i
he same bug. Grab it here:
https://wwws.clamav.net/bugzilla/attachment.cgi?id=991
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Edilmar LISTAS wrote:
> OK, aCaB. I always install from tar.gz file. Then, I may suppose that
> all next versions of tar.gz won't have this clamd script contrib, right?
> Is there some place in Clamav site that I may search for new versions of
> distro compatibility scripts? I
es and postprocess the message based on the X-Virus- headers.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
not to disrupt running
services. We also take limited cpu and ram only when actively compiling
or running tests.
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
/var/run/clamav/clamd.sock LogFile /var/log/clamav/clamav-milter.log
Hi Lyubomir,
If you want X-Virus-XXX headers set "AddHeader Yes".
If you want some more info logged from the milter, use "LogVerbose yes".
HtH,
-aCaB
___
variable in clamd.conf with 0.95??
Hi Odhiambo,
There is already an open bug on the bugzilla.
Problem will be fixed in 0.95.1.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
lyubom...@cablebg.net wrote:
> I am executing the following command:
>
> [lyubo...@evaluate ~]$ cat test1.txt | mail -s "Test" root
>
> Where test1.txt is an Eicar test file
See: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1531
Can you please test the SV
t/svn/clamav-devel/trunk/ChangeLog
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
John Goubeaux wrote:
> Has anyone done a successful build of clamAV-0.95 0n Solaris 10 x86 ?
Builds fine for me with gcc:
http://farm.0xacab.net/build/show/2335
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
h
t )
> If yes are there any online faqs about it?
Hi Robert,
your best option is probably to run clamav-milter from 0.94.2 against a
0.95(.1) clamd.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
oticed by ClamAV if the data is corrupted or missing.
So while enabling it on a mail scanner can help filter out a bunch of
junk, turning it on for ordinary filesystems scans can result in a few
false positives.
HtH,
-aCaB
___
Help us build a compreh
reveals a few ready made sendmail quarantine
managers.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
sed later
today or tomorrow, unless some of the tests fail.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
; LogVerbose yes
>
> Can someone please assist.
>
> Regards
Hi Ebrahim,
What's the problem?
It works fine here:
1337ness:/home/acab# grep clamav-milter /var/log/mail.log
Apr 6 15:28:13 1337ness clamav-milter[3546]: Local socket
unix:/tmp/clamd.socket added to the pool (slot 1)
Ap
-seconds, meaning clamav-milter is reporting that clamd is not
> responding or failed.
Fixed in r5030.
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
; vir-XYZABC, where XYZABC is a random string. I'd like to preserve the
> original filename, so that I know what has been infected. How do I go about
> doing this?
Hi Aditya,
Please clarify how you are running clamav to scan your files.
This sounds like a 3rd party tool.
--acab
__
log/maillog
In *clamav-milter.conf* set:
LogSyslog yes
LogFacility LOG_MAIL
LogInfected Basic or LogInfected Full
> 2) get more detailed log entries in /var/log/clamav/clamd.log
If "more detailed" means "i want the message id's" then forget
l log should already have logs for each mail passed through your
box. With the above setup Clamav milter additionally tells you which of
those mails were infected.
What am I missing?
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
ned by all
> (or maybe none because of whitelisting) of the Milters we have running on the
> system.
Clamav-milter already gives you enough logging options to achieve that.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http
Robert S wrote:
> Is there a missing option in my configs or
You are probably looking for the "AddHeader" option.
--acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
tc/clamav-milter.conf?
For 0.95.1:
http://svn.clamav.net/svn/clamav-devel/tags/clamav-0.95.1/etc/clamav-milter.conf
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
r tan the watcher.
Maybe check if a newer version of milter watch is available.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
ation like 0.94. Is that had any option for milter at 0.95.1 to
> do this? Thank.
http://lurker.clamav.net/message/20090326.132413.b9e348ec.hu.html
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
g messages between 09:15:20 and 09:16:37 that were
> silently ignored by the Milter.
No idea TBH... Were they whitelisted?
Try setting LogVerbose yes or increase verbosity in confMILTER_LOG_LEVEL.
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Charles Gregory wrote:
> Greetings!
>
Hi,
The right place for malware and suspected malware submissions is:
http://www.clamav.net/sendvirus/
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clam
guessed, the second db updater added a
non-unique name; not a great issue as both signatures are working.
Anyway it will be fixed in one of the next updates.
Thanks for poining out.
Regards,
acab
---
SF.Net email is sponsored by Shop4tech.com-Low
On 10/19/04 17:26, Pete D wrote:
Hello all.
I just upgraded to the new ClamAV 0.80. I use the
clamscan command along with the --leave-temps flag to
generate the main.db and daily.db files. I am using a
SMTP proxy spam program called ASSP that uses these db
files for preliminary virus detection.
On 11/23/04 09:20, David Wu wrote:
I am not able to have clamd (and clamav-milter) built on BSD/OS 4.2 from
0.8 source, although everything else built and run without problem (after
fiddling with integer type define).
Found in clamd/Makefile the following with the obvious meaning that clamd
not be
On 11/26/04 10:54, David Wu wrote:
Did all that but the end result is the same. I did try to change
config.status and then ran that. clamd did compile but I saw a few lines
of compiler output (probably from the compiling of freshclam) with
-DCL_NOTHREADS in them, so I do not dare use the execut
Some info here:
http://wiki.clamav.net/index.php/Submit%20a%20Bug
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
http://www.clamav.net/3rdparty.html
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On 01/15/05 23:54, Phil Endecott wrote:
Dear Clam Experts,
I am contemplating adding clam scanning to a web application. Files
that users upload via a web form will be scanned before being stored in
a database. The application is written in C and called by CGI from Apache.
On first looking at
On 04/20/05 12:57, Guillaume Arcas wrote:
Trog a écrit :
We are, of course, also looking for people to volunteer to become sig
makers. Assuming that they have the time and the relevant skills.
How would you define these skills ?
Sorry I'm in a hurry, but just to quote some:
Proper knoweledge and h
On 05/26/05 18:26, guenther wrote:
So ClamAV obviously is meant to trigger on phishing mails, but you don't
want new ones to be reported?
..guenther
Don't mind him, some people never learn.
Yes, please submit your phishing samples using the link on clamav homepage.
Ch
have any idea what is happening and how I can fix it?
> Thanks in advance for your time and consideration. My apologies for such a
> long post, but I wanted to put in all the pertinent information I could
> think of to speed a solution.
>
Regards,
acab
___
http://lurker.clamav.net/list/clamav-users.html
On 09/10/05 11:31, Shahzad Abid wrote:
> Dear All
>
> I am trying to run apcupsd on Slackware 10.0 getting followinf error:
>
> mount -t usbdevfs none /proc/bus/usb
> mount: mount point /proc/bus/usb does not exist
>
> Please HELP!
>
Hello?!?!
This is clamav-users!
Anyway you may want to try
Rickard Vikström wrote:
> Hi
>
> Is there a testmail with sober.{Y,U} ?
> So I can check my ClamAV installation.
>
This in *NOT* a Vx'ing ML.
___
http://lurker.clamav.net/list/clamav-users.html
Phil Schilling wrote:
> On a fresh OS and ClamAV install, I am getting segmentation faults on
> every database reload. I have searched the list messages and Google
> but my search-foo must be weak. I have seen questions but no real
> answers as to how to track down this problem.
>
> OS: NetBS
files to this list.
See http://www.clamav.net/bugs.html instead.
Cheers,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
aCaB wrote:
> $ clamscan -v 1EKLBH-0002g4-Ek.eml.bz2
Sorry i used clamscan instead of clamdscan. However works with clamd too.
$ clamdscan 1EKLBH-0002g4-Ek.eml.bz2
/home/acab/1EKLBH-0002g4-Ek.eml.bz2: OK
--- SCAN SUMMARY ---
Infected files: 0
Time: 4.627 sec (0 m
Hi kids.
Is the spam going to last long?
Please keep your OT confined to your own blogs/MLs.
Stop abusing everyone's patience.
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
gt;
It is.
Nothing we can do about that, sorry.
If you want to test the latest code (we much appreciate that), you may
have better luck with the daily snapshots.
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Marco Bisi wrote:
> Hi everybody,
>
> I am running Ubuntu Breezy.
> I have tried to upgrade ClamAV to 0.88 form 0.87 through Synaptic, but
> the (needed) libgmp3 has been renamed by Ubuntu people to libgmp3c2. Is
> there anything I can do to resolve the dependence?
>
> Best regards
>
> marco
Ci
report in more than one year.
Sorry, but to me it makes no sense to remove such a signature.
Regards,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Trog wrote:
> I'd guess it unlikely that a legitimate spreadsheet would try and infect
> a Workbook.
>
> -trog
Sorry Trog,
Didn't notice you had already replied.
___
http://lurker.clamav.net/list/clamav-users.html
Jose Celestino wrote:
> Hello,
>
> anyone know the contact that should be used following the "If you plan to
> submit
> a large number of samples contact us first" on
> http://cgi.clamav.net/sendvirus.cgi?
>
Please contact Luca at clamav.net.
Cheers!
__
.
If that's the case please file a bug report to bugs_at_clamav.net
(remember to encrypt the message with gpg or zip).
So, well... "Clamd is slow" doesn't really give out enough clues to help
you. Please investigate the problem a bit further and see if you can
come up with something
41)... ]
This thingy's not going to work, sorry.
If it's HTML just use a proper TargetType and rely on the ClamAV html
normalizer which will turn all the text into lower case.
If not, bad luck. :(
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Nigel Horne wrote:
>
> Did you look in the docs directory that came with the source code?
Look at what? And why?
It's much easier to ask here how to circumvent our license...
It's free software... so it comes with free support, doesn't it?
Blah
___
h
Michael Grant wrote:
> Does anyone know any good independent sites that have reviewed the
> effectiveness of various different anti-virus programs including Clam?
Doing such comparisons is not an easy task.
Results are quite a lot affected by the type of the samples inside the
collection used for
R. Steven Rainwater wrote:
> reported through a more official channel than this list? Is there a
> bugzilla somewhere?
http://bugs.clamav.net
___
http://lurker.clamav.net/list/clamav-users.html
Should really read:
474946383761????44
Take care,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Steve Holdoway wrote:
> Or even
>
> 474946383761??0(0|1)??0044
Nope! Bytes only, no nibbles.
___
http://lurker.clamav.net/list/clamav-users.html
Tomasz Kojm wrote:
> with 0.9x
Indeed! :)
___
http://lurker.clamav.net/list/clamav-users.html
Clamav wrote:
> Hello!
> I only want to report some warning messages during compilation on
Hi Clamav,
we are aware and we'll evenually clean them up.
Thanks for the report,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Odhiambo Washington wrote:
> config.status: error: cannot find input file: libclamav/Makefile.in
Weird! The file's definitely there and wasn't touched in 8 days now...
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
101 - 200 of 207 matches
Mail list logo
