[Clamav-users] Clamav-milter 0.91.2 problems on FreeBSD 6.2

2007-10-21 Thread al
After building the FreeBSD 0.91.2 port to replace 0.88.5, the milter shuts down as soon as it starts. Here is the foreground output: blackwidow# /usr/local/sbin/clamav-milter -CNqlo /var/run/clmilter.sock WARNING: /usr/local/sbin/clamav-milter: running as root is not recommended (check "User" in

Re: [clamav-users] make install with no data files

2013-10-04 Thread Al Varnell
as 13M. > > Upon closer inspection, it appears that the clamav-devel/win32/ directory is > the source of excess. > > Is the win32/ directory now a part of the tarball, or is this unintentional? I thought you would have heard back by now, so I didn't respond, but in compa

Re: [clamav-users] heuristic

2013-10-08 Thread Al Varnell
file with ClamXav (OS X) I don’t get any kind of detection. -Al- -- Al Varnell Mountain View, CA On Oct 8, 2013, at 8:39, Sebastian Cherlo wrote: > Hello , i'm new in this list , i'll explain my configuration and my problem. > > I have a Centos 5.9 server with ClamAV 0.9

Re: [clamav-users] Freshclam updates through a firewall

2013-10-11 Thread Al Varnell
tor. I've never seen any traffic on what goes on behind the scenes with the 119 sites in 44 regions other than <http://www.clamav.net/mirrors.html> and even that isn't always completely up-to-date. > Q3: What to do about the line: > DNSDatabaseInfo cu

Re: [clamav-users] Freshclam updates through a firewall

2013-10-11 Thread Al Varnell
On Oct 11, 2013, at 1:44 PM, Michael Mather wrote: > On Fri, 2013-10-11 at 12:57 -0700, Al Varnell wrote: >> I believe the network guru for Sourcefire/ClamAV® is still Ryan Steinmetz >> . >> >> On Oct 11, 2013, at 12:33 PM, Michael Mather >> wrote: >&g

[clamav-users] False Positive -- Exploit.FLV

2013-10-28 Thread Al Varnell
erts-me-about-a-file/>. I’m unable to get my hands on the file since it’s commercial software, but it would appear that you may already have it from VirusTotal, so I’m wondering if the signature team can take a look at it based on all of this? MD5 is obviously: 7d222f07ec08aa

Re: [clamav-users] False Positive not being corrected

2013-12-11 Thread Al Varnell
ploit-targeting-microsoft-office-2>. Did you submit it to virustotal.com? -Al- -- Al Varnell Mountain View, CA ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

Re: [clamav-users] False Positive not being corrected

2013-12-12 Thread Al Varnell
+-> OFFSET: ANY > +-> DECODED SUBSIGNATURE: > MM* > * SUBSIG ID 3 > +-> OFFSET: 0 > +-> DECODED SUBSIGNATURE: > II* > * SUBSIG ID 4 > +-> OFFSET: 0 > +-> DECODED SUBSIGNATURE: > MM* and yes, I do understand that the actual signature has more to it

Re: [clamav-users] lost

2013-12-17 Thread Al Varnell
eep the > virus protection? Sounds like you are in the wrong place. I suspect you downloaded ClamXav which uses the ClamAV® scan engine. Support for ClamXav can be found here <http://www.clamxav.com/BB/viewforum.php?f=1>. Also, didn't I just answer this question for you in th

Re: [clamav-users] some questions about malware statistics

2013-12-23 Thread Al Varnell
. You should not find any "safebrowsing" signatures in main.c*d or daily.c*d as they aren't supplied by ClamAV® You should not find any "BC" signatures in main.c*d or daily.c*d as they are in bytecode.c*d -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Clamd ERROR: On-access scan is not available

2014-01-02 Thread Al Varnell
; > I wonder how to understand the purpose of the function and troubleshoot this > code. Since it isn't part of ClamAV® I think you may have to ask elsewhere. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Heuristics.Safebrowsing.Suspected false-positive help

2014-01-22 Thread Al Varnell
here is no “string”. The heuristics process looks for suspicious formatting, usually involving an e-mail from a financial institution, but since this apparently comes from the Google SafeBrowsing folks, I guess you would have to find a way to ask them. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false-positive

2014-02-01 Thread Al Varnell
.com:www.tdcanadatrust.com/ LibClamAV debug: Lookup result: not in regex list LibClamAV debug: Phishcheck: Phishing scan result: URLs are way too different LibClamAV debug: found Possibly Unwanted: Heuristics.Phishing.Email.SpoofedDomain -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false-positive

2014-02-01 Thread Al Varnell
On Feb 1, 2014, at 1:44 PM, Alex wrote: > Hi, > > On Sat, Feb 1, 2014 at 5:32 AM, Al Varnell wrote: >> >> On Jan 31, 2014, at 5:26 PM, Alex wrote: >> >>> Hi, >>> >>> I found another false-positive, this time with >>> Heuris

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false-positive

2014-02-01 Thread Al Varnell
but links to >> http://ems1.aeroplan.com/a/l.x?t=icholbpbeophbeocnlmimpbc&; >> M=1&L=2&v=4. > > Ah, thanks. I should have known that. > > In this case it wasn't intended to be malicious, but I'm surprised > more legitimate mail isn't tagged for

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false-positive

2014-02-02 Thread Al Varnell
aily.cld. Can you explain what you mean here? > > cd /tmp && sigtool --unpack-current=daily > > there you find what you have Or you can just open daily.cld with a text editor and search for the daily.pdb section near the bottom. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] request for feature

2014-02-03 Thread Al Varnell
fset or engine version, > making the detection more reliable. The format is: > > MalwareName:TargetType:Offset:HexSignature[:MinFL:[MaxFL]] > > where TargetType is one of the following numbers specifying the type of the > target file: > > • 4=Mailfile -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] An FP?

2014-02-05 Thread Al Varnell
ot a core clamav pattern > > Still, is it not un-needed noise? I assume you are the one that installed the unofficial signatures, so it's your noise. ClamAV® isn't responsible for them. You need to address it with the signature authors. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Possible FP

2014-02-06 Thread Al Varnell
ndvirus/submit-fp/ > but without the original file, all I get is an error message. > Do I really need to make the customer jump through the hoops? I'm not a signature writer, but I can't imagine how they would be able to confirm an FP or modify the signature without the file. -Al- --

[clamav-users] OSX False Positives

2014-02-11 Thread Al Varnell
/SQLiteManager.app /Applications/iBoard.app Osx.Virus.Clapzok-3 /bin/cp Osx.Virus.Clapzok-2 /bin/ls I’ll submit what I can to the FP site, but even if Alain gives permission to submit more than two files a day, I doubt that we’ll be able to get them all to you in a timely manner. -Al- -- Al Varnell

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-02-28 Thread Al Varnell
is still included in the library so I don't anticipate any immediate issues for developers or users, but we'll have to wait for a ClamAV® developer release to be certain and there's no telling how long Apple will continue to include it. After that I'm sure there will be po

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-03-02 Thread Al Varnell
I need to correct myself on this. The version of OpenSSL that Apple includes in the current OS X is 0.9.8y 5 Feb 2013. I now see that the previously reported version was added by me from MacPorts. -Al- On Feb 28, 2014, at 2:56 AM, Al Varnell wrote: > > On Wed, Feb 26, 2014 at 08:08 AM

Re: [clamav-users] No more updates since march 1st

2014-03-02 Thread Al Varnell
et too excited unless you still haven’t seen something by mid-day tomorrow. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] No more updates since march 1st

2014-03-03 Thread Al Varnell
on of the last longer break was that it had to do with the holidays, but you are correct that it didn't start flowing until somebody asked and we didn't get an explanation. -Al- On 3/3/14 1:26 AM, "Mischa Coenen" wrote: > Normally I see multiple updates per day, and I agr

Re: [clamav-users] Clam in a very low memory environment?

2014-03-08 Thread Al Varnell
not certain whether it was successful or not. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] TeamViewer_Setup_de.exe -> TeamViewer_Setup_de.exe

2014-04-01 Thread Al Varnell
at I tried to do something similar last week and my file was rejected, so I’ll need to ask about that here when I get a chance. -Al- -- Al Varnell Mountain View, CA On Apr 1, 2014, at 6:10 AM, Andre Hübner wrote: > Hello, > > currently the official download of TeamViewer_Setup_de.exe ( &g

[clamav-users] FP: CloudCompare-2.5.0.dmg

2014-04-06 Thread Al Varnell
system used with OSX samples a couple of months ago. It’s probably too early to conclude that the automated process is inadequate to handle .dmg files, but suggest that it be looked at. Signature writing is not something I can claim any experience with, just an observation on my part. -Al

Re: [clamav-users] FP: CloudCompare-2.5.0.dmg

2014-04-08 Thread Al Varnell
On Tue, Apr 08, 2014 at 06:38 PM, Gene Heskett wrote: > > On Tuesday 08 April 2014 21:36:21 Gene Heskett did opine: > >> On Tuesday 08 April 2014 21:08:34 Al Varnell did opine: >>> A ClamXav user contacted me today that the software he developed, >>> packaged an

Re: [clamav-users] rkhunter : hopefully a false-positive

2014-04-09 Thread Al Varnell
s what it is. <http://www.clamav.net/sendvirus/> and post the file's MD5 back here. BTW, rkhunter is at v1.4.2, but will have the same issue. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] rkhunter : hopefully a false-positive

2014-04-09 Thread Al Varnell
On Wed, Apr 09, 2014 at 03:29 AM, ellanios82 wrote: > > > - thanks all : have uploaded rkhunter suspect file Please post the MD5 of the file you uploaded here. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] rkhunter : hopefully a false-positive

2014-04-14 Thread Al Varnell
Apparently this didn’t get taken care of last week as I found another executable that scans as Osx.Worm.Inqtana-3. This time it's from the Mac OS X application Virus Barrier Express in a file named “AntiviralLib”. MD5=dab8b1e1f94a8f7e074adda235604ebf. -Al- -- Al Varnell Mountain View, CA On

Re: [clamav-users] rkhunter : hopefully a false-positive

2014-04-14 Thread Al Varnell
It appears to have been dropped as of the last update. Thanks for your help. -Al- On Mon, Apr 14, 2014 at 01:10 PM, Alain Zidouemba wrote: > > Something must have gone wrong as it was set to be dropped. I've just > dropped the signature again and a new CVD should go out shortly. I

Re: [clamav-users] Generating a positive?

2014-04-21 Thread Al Varnell
ontains almost one hundred files that test several aspects of the scan engine and are exclusive to ClamAV®. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] clamav stops boot

2014-05-02 Thread Al Varnell
On May 2, 2014, at 9:32 AM, Greg Mueller wrote: > CTR-C didn't work nor CTRL-Q It’s not CTRL-Q, just the Q key. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Clamav is not finding any viruses

2014-05-09 Thread Al Varnell
improve that situation. Any time I find a situation such as this, I submit the samples to VirusTotal to validate my findings and if confirmed to the ClamAV® submit a file site. -Al- -- Al Varnell Mountain View, CA On May 9, 2014, at 1:28 AM, Thorvald Hallvardsson wrote: > Hi, > >

[clamav-users] Osx.Trojan.FkCodec-1 False Positives

2014-05-09 Thread Al Varnell
e image file. Since the formats of the XML portion of the .dmg files are all very similar, I suspect it will be extremely difficult to uniquely fingerprint such files by using XML strings. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Osx.Trojan.FkCodec-1 False Positives

2014-05-09 Thread Al Varnell
ut not sure they will be able to. -Al- On May 9, 2014, at 7:53 PM, Al Varnell wrote: > I don’t have all the information on this yet, but I’ve had two ClamXav users > complain today of commercial software being identified as infected by > Osx.Trojan.FkCode-1. I can’t locate it on the clam

Re: [clamav-users] Osx.Trojan.FkCodec-1 False Positives

2014-05-12 Thread Al Varnell
Alain, Thanks. I’m particularly interested in why the "Submit false positive report" fails. I checked back and found the same thing happened with a different file and this same infection name a month or so ago. -Al- On Mon, May 12, 2014 at 07:41 AM, Alain Zidouemba wrote: >

[clamav-users] HTML.Exploit.Heap-2 False Positive?

2014-05-12 Thread Al Varnell
33bb30074ddbb7a6 -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Support question.

2014-05-12 Thread Al Varnell
/www.clamav.net/2014/03/28/>. I would infer that 0.96 and above are still supported. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] FP-Report: Email.Trojan-417

2014-05-13 Thread Al Varnell
g much more unique that could have been used. Looks to have been added to the database on 2012-12-13 (daily: 15772). -Al- On Tue, May 13, 2014 at 12:27 AM, Julian Hansmann wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Dear ClamAV-Users and Developers, > >

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-13 Thread Al Varnell
sting. For technical lists, it’s often preferred in order to retain all details. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] FP-Report: Email.Trojan-417

2014-05-13 Thread Al Varnell
e to use zip for a > container file My impression is that this is not at all about a real .jpg file. Rather it’s a malicious executable disguised to make you think it’s just a .jpg in order to get you to open it. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] FP-Report: Email.Trojan-417

2014-05-15 Thread Al Varnell
why > this fp caused some trouble. > > Do you list fp removals in your database update mails? I have never seen a removal listed. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] FP-Report: Email.Trojan-417

2014-05-15 Thread Al Varnell
On Thu, May 15, 2014 at 12:34 AM, Julian Hansmann wrote: > > > On 15.05.2014 09:11, Al Varnell wrote: >> On Thu, May 15, 2014 at 12:04 AM, Julian Hansmann wrote: >>> thank you very much for your responses. I added the signatures >>> name to the whitelist

Re: [clamav-users] reported before, makes no sense

2014-05-15 Thread Al Varnell
UNOFFICIAL means it did not come from ClamAV®. You need to take it up with whomever maintains the MBL database. MalwarePatrol? <http://malwarepatrol.com.br/> -Al- -- Al Varnell Mountain View, CA On May 15, 2014, at 9:38 PM, Gene Heskett wrote: > /home/gene/.cxoffice/tie/crossove

Re: [clamav-users] HTML.Exploit.Heap-2 False Positive?

2014-05-19 Thread Al Varnell
/analysis/1399908003/ >> > > I successfully uploaded to you using your "Submit a false positive" form. > MD5 = 6968c0d2ad15e68b33bb30074ddbb7a6 > > > -Al- > -- > Al Varnell > Mountain View, CA > > - > Al, > > Sorry, I didn

Re: [clamav-users] [Clamav-devel] ClamAV(R): ClamAV 0.98.4rc1 is now available!

2014-05-20 Thread Al Varnell
startup that’s initiating this and not my huge INBOX. -Al- -- Al Varnell Mountain View, CA On May 20, 2014, at 6:14 AM, Shawn Webb wrote: > Hey Mark, > > Is there a way you could get me the sample? > > Thanks, > > Shawn > > > On Tue, May 20, 2014 at 6:49 AM

Re: [clamav-users] Unix.Trojan.ElkKnot FOUND

2014-05-21 Thread Al Varnell
installer or vector used. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Unix.Trojan.ElkKnot FOUND

2014-05-23 Thread Al Varnell
We always do that right here. -Al- On Fri, May 23, 2014 at 01:23 AM, DUCARROZ Birgit wrote: > > ok. Where do I have to submit the md5s ? > > - Birgit > > > On 22. 05. 14 01:01 , Alain Zidouemba wrote: >> The new signature will be out in the next few releases.

Re: [clamav-users] No Solaris OS virus signatures in database?

2014-05-27 Thread Al Varnell
Just because they’ve developed techniques to detect such things doesn’t mean they’ve shared that information with the competition, especially one that’s free. -Al- -- Al Varnell Mountain View, CA On Tue, May 27, 2014 at 08:00 PM, R Secrist wrote: > > There do not appear to be any def

Re: [clamav-users] Unix.Trojan.ElkKnot FOUND

2014-06-05 Thread Al Varnell
Alain, Just following up since it’s been a couple of weeks now. I haven't seen a new replacement signature yet. Nothing new for “Unix.” or “Elk”. Did I overlook something? -Al- On Wed, May 21, 2014 at 04:01 PM, Alain Zidouemba wrote: > > The new signature will be out in t

Re: [clamav-users] Unix.Trojan.ElkKnot FOUND

2014-06-06 Thread Al Varnell
Yes, I see them. Thanks. -Al- On Fri, Jun 06, 2014 at 09:24 AM, Alain Zidouemba wrote: > > They should be in daily.cvd 19065. > > - Alain > > > On Thu, Jun 5, 2014 at 9:37 PM, Al Varnell wrote: > >> Alain, >> >> Just following up since it’s be

[clamav-users] OpenSSL Security Advisory [05 Jun 2014]

2014-06-07 Thread Al Varnell
Based on the subject document <https://www.openssl.org/news/secadv_20140605.txt> what, if any, vulnerabilities are applicable to the ClamAV® scan engine? -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] clamav does not recognize virus?!

2014-06-10 Thread Al Varnell
ing details.exe: OK Post the MD5 of the file you uploaded to make it easier for them to find and give you a status. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Bitcoin : Chainstate : Virii

2014-06-10 Thread Al Varnell
nd that they are now probably permanently built into > the chainstate : > > - is this a threat, or, can these alerts be safely ignored ? > > .. > > thank you Ellan, According to the forum link you gave us you should "set your scanner to ignore sst files, wh

Re: [clamav-users] signature that penalizes for line length?

2014-06-14 Thread Al Varnell
Steve runs things there and subscribes to this list so will probably have some more specific knowledge. -Al- On Sat, Jun 14, 2014 at 12:56 AM, Vincent Fox wrote: > > Hi, > > We use ClamAV, and I have noticed a certain class of spam hitting us lately > that has VERY long final

Re: [clamav-users] FN with unknown virus attachment

2014-06-22 Thread Al Varnell
c218279bc1b4ce/analysis/1403470020/>. If you visit the site of some of those scanners with the infection name they use, you might find the information you are looking for. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Bad detection rate

2014-06-24 Thread Al Varnell
. Obviously there is a much larger user base for official set so contributions there would be of broader benefit, yet he runs his own services to the community. Something he’ll need to consider and decide on his own. Just my two cents. -Al- Al Varnell Mountain View, CA On Tue, Jun 24, 2014 at 07:44 PM

Re: [clamav-users] Bad detection rate

2014-06-24 Thread Al Varnell
them replaced by an official signature yet. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] freshclam and various formats of base

2014-06-26 Thread Al Varnell
Sergey, I’m not sure I understand what you are asking here. You refer to an event that has happened once in what, ten years? And you are suggesting changes to package managers which, as far as I am aware, ClamAV® has no control over? -Al- Al Varnell Mountain View, CA On Wed, Jun 25, 2014 at

Re: [clamav-users] Reporting false positives fails

2014-06-27 Thread Al Varnell
a949f61b2cf229c5ca I’ve had two ClamXav users report it for different files yesterday. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Reporting false positives fails

2014-06-27 Thread Al Varnell
You are right, it did just disappear, but your results are still strange. -Al- On Fri, Jun 27, 2014 at 10:36 AM, Michael Graham wrote: > > On Fri, 2014-06-27 at 13:30 -0400, Michael Graham wrote: >> I'm trying to report a bunch of suspected false positives to >> HTML.Expl

Re: [clamav-users] daily.cvd vs daily.cld

2014-07-03 Thread Al Varnell
l download a new, updated daily.cvd for you. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Win.Trojan.Zwangi-432 / Osx.Exploit.CVE_2006_0848 / PHP.Shell-29

2014-07-07 Thread Al Varnell
Have you already uploaded the files to <http://www.clamav.net/sendvirus/> using the “Send a false positive report” form? -Al- On Jul 7, 2014, at 3:04 AM, DUCARROZ Birgit wrote: > I believe those are false positives. > Please would you check the md5 hashes? > Thank you a

Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files

2014-07-08 Thread Al Varnell
many bug fixes for developers to respond to all issues such as yours. It’s likely to be several weeks or even months before 0.98.5 is released. -Al- On Tue, Jul 08, 2014 at 11:32 PM, Henrik K wrote > It's been two mondays now and no news... a new beta is posted but nothing > about t

Re: [clamav-users] New virus warning on a 2 year old file

2014-07-11 Thread Al Varnell
; Infected files: 1 > Total errors: 1 > Data scanned: 17001.15 MB > Data read: 30419.67 MB (ratio 0.56:1) > Time: 9855.813 sec (164 m 15 s) > > > Methinks this is an FP. > > Cheers, Gene Heskett Then upload it to the usual place: <http://www.clamav.net/sendvirus/> u

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain FP fixed upstream?

2014-07-14 Thread Al Varnell
show this. You should see the words "Phishcheck:" and/or "cli_magic_scandesc:” somewhere around those domains, as I always do when I run across such FP’s. -Al- -- Al Varnell Mountain View, CA On Mon, Jul 14, 2014 at 08:55 AM, Kris Deugau wrote: > > I just came across

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain FP fixed upstream?

2014-07-14 Thread Al Varnell
other users can benefit from this finding. -Al- On Mon, Jul 14, 2014 at 11:37 AM, Kris Deugau wrote: > > Al Varnell wrote: >> You have certainly found the correct pair as your message is still showing >> up immediately as infected here. > > ... and here, too; I wondere

[clamav-users] Win.Worm.Chir-553 False Positive

2014-07-15 Thread Al Varnell
tps://www.virustotal.com/en/file/e362670f93cdd952335b1a41e5529f184f2022ea4d41817a9781b150b062511c/analysis/1405462000/> Since the signature for this file is ee35353fd80f8e2447095b753732dbca, I guess I’m a bit confused as to why it doesn’t match the file MD5. -Al- -- Al Varnell Mountain Vi

[clamav-users] Win.Worm.Chir-553 False Positive

2014-07-15 Thread Al Varnell
tps://www.virustotal.com/en/file/52def964142be6891054d2f95256a3b05d66887964fcd66b34abfe32477e8965/analysis/1405469450/> Signature: 425c19aef183b3d3db4a00e05cf46e73 -Al- -Original Message- I’ve just uploaded a component of every version OS X since at least 2010 that is included with Python an

Re: [clamav-users] False Positive & File Decompression errors

2014-08-19 Thread Al Varnell
Manoj, What unix system are you running clamav on? The team will need to know the MD5 of show.html.erb in order to quickly locate it among the other False Positives submitted. You cannot attach it here. -Al- > On Aug 19, 2014, at 2:02 AM, Manoj Chitrala wrote: > > Hi, > > W

Re: [clamav-users] false positive sample

2014-08-22 Thread Al Varnell
. What is that check-box for? Sent from Janet's iPad -Al- -- Al Varnell

Re: [clamav-users] sanesecurity file size limit

2014-08-27 Thread Al Varnell
; in my clamd.conf file the size upto which the files will be scanned is 30 mb > ie max email size in my smtp session. > > how do we solve this issue. SaneSecurity has its own mailing list <http://sanesecurity.com/support/mailing-list/&g

Re: [clamav-users] PLEASE REMOVE

2014-09-02 Thread Al Varnell
> On Sep 2, 2014, at 4:22 PM, YSPSC IT wrote: > > From this mailing list… Do it yourself at <http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users>. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] PLEASE REMOVE

2014-09-02 Thread Al Varnell
On Sep 2, 2014, at 5:38 PM, YSPSC IT wrote: > Please just do it, Al. I cannot do it for you. Sent from Janet's iPad -Al- -- Al Varnell

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Al Varnell
happened. === Question for ClamAV® team. Have you done away with the Mirror Status page? (was http://www.clamav.net/mirrors.html) I used it quite often to troubleshoot issues such as this one. -Al- -- Al Varnell Mountain View, CA

[clamav-users] FP: Win.Worm.Chir-681

2014-09-16 Thread Al Varnell
e hash (316287b0b4a47ada39244de795b7ca3c)? -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Daily.cvd file

2014-09-17 Thread Al Varnell
ince it mostly impacts the load on network servers and not you and other clients, that’s something the team will need to analyze and decide. -Al- — Al Varnell Mountain View

Re: [clamav-users] daily.cvd vs main.cvd

2014-09-18 Thread Al Varnell
. In a separate thread we were told this week that at some point the daily.cvd would not be routinely available to end users. How is the freshclam approach any different from using rsync to you? -Al- On Thu, Sep 18, 2014 at 02:53 PM, Paul Kosinski wrote: > > On Thu, 18 Sep 2014 12:00:00

Re: [clamav-users] daily.cvd vs main.cvd

2014-09-19 Thread Al Varnell
On Fri, Sep 19, 2014 at 11:30 AM, Paul Kosinski wrote: > > On Fri, 19 Sep 2014 12:00:00 -0400 > Al Varnell wrote: >> OK, so I’m a bit confused by this. >> >> I realize that many of us have different approaches to updating the >> database, due to different cir

Re: [clamav-users] False positives phishing sites

2014-09-23 Thread Al Varnell
usly do whatever you want for a local database, but for the benefit of others, please pursue this as a False Positive so that the ClamAV database is correct. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] False positives phishing sites

2014-09-24 Thread Al Varnell
es to financial institutions, so I’m not sure why retailers would suddenly be using these redirected url’s in their mailings. I’m usually the first to know when world-wide Apple users suddenly get these and haven’t heard a thing about it, yet. -

[clamav-users] Html.Exploit.CVE_2012_2546

2014-09-25 Thread Al Varnell
I seem to be getting lots of hits on my browser cache when accessing some several popular sites, including the Apple Support Community Forum. Looks like it was just added earlier today by Alain in daily 19432. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Fwd: What is the signature count?

2014-10-10 Thread Al Varnell
The number is somewhat dependant on options selected in freshclam.conf (e.g. PUA signatures are not always included). I doubt that anybody can even come close to telling you how many unique malware variants are included in those numbers. -Al- > On Oct 10, 2014, at 12:05 AM, Steve Basf

Re: [clamav-users] No False Positive Detected (Heuristics)

2014-10-28 Thread Al Varnell
why it’s being flagged at this time, but it has been blacklisted 13 times over the past 90 days, serving malicious software according to: <http://www.google.com/safebrowsing/diagnostic?site=gasparinifrigoriferi.it> -Al- -- Al Varnell Mountain View, CA > On Oct 27, 2014, at 10:43 AM, A

Re: [clamav-users] check date

2014-11-11 Thread Al Varnell
We have already been told back in early September that they were looking into restoring the dates: <http://lurker.clamav.net/message/20140904.104411.2a6321b1.en.html> -Al- On Tue, Nov 11, 2014 at 10:27 PM, Saker Hamdy Mohamoud Salama wrote: > > Hello Koko, > > My steps t

Re: [clamav-users] How can I get commercial support of clamav for Windows Servers?

2014-11-18 Thread Al Varnell
at do you mean by “commercial support” and why aren’t you using ClamWin <http://www.clamwin.com/> which indicates it will work on Windows Server 2012, 2008 and 2003. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Al Varnell
d by searching the clamav-virusdb archive: <http://lurker.clamav.net/list/clamav-virusdb.en.html> -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] real-time scan

2014-11-22 Thread Al Varnell
On Sat, Nov 22, 2014 at 09:18PM, Deevakar PK wrote: > > Hi Team, > > Is there any real-time monitoring available in clamAV with quarantine > option ? > > If yes, please let me know how to implement it? It would help to know what platform/OS you need it for. -Al- -- Al

[clamav-users] Win.Trojan.Genieo

2014-12-02 Thread Al Varnell
false negative, I wasn’t sure how to report it. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] Offline updates

2014-12-03 Thread Al Varnell
load links: main.cvd | daily.cvd | bytecode.cvd -Al- On Wed, Dec 03, 2014 at 01:57 AM, Pascal wrote: > > Hi, > > I found this on http://www.clamav.net/doc/cvd.html : > """ > * Can I download the virusdb manually? > Yes, the virusdb can be downloaded from

Re: [clamav-users] No virusdb updates since 19772

2014-12-15 Thread Al Varnell
Something was clogged up. The last update I received from the clamav-virusdb e-mail list was 19772 on Dec 12 and I just now received 19781 but nothing in between. I ran freshclam just now and all the updates were there. -Al- On Mon, Dec 15, 2014 at 08:03 AM, Heino Backhaus wrote: > >

Re: [clamav-users] daily.cvd daily.cld

2015-01-14 Thread Al Varnell
download .cdiff files and integrate them into a decompressed version (.cld). My impression is that you must disable scripted updates on both the local mirror and each client so that all only download .cvd’s that need updating. Perhaps somebody running a local mirror can confirm this for you. -Al

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Al Varnell
For what platform? Perhaps you should be looking at ClamWin <http://www.clamwin> or ClamXav <http://www.clamxav.com> for home use on MS Windows or Apple OS X, respectively. Sent from Janet's iPad -Al- -- Al Varnell On Jan 21, 2015, at 2:26 PM, E R wrote: > Hi to all, &

[clamav-users] clamav-virusdb on lurker

2015-01-22 Thread Al Varnell
correct. -Al- -- Al Varnell Mountain View, CA

Re: [clamav-users] clamav-virusdb on lurker

2015-01-25 Thread Al Varnell
essed and published: > - > > See http://cvdpedia.clamav.net/daily/19964 In addition to missing dailies, I’m also seeing sporadic issues with search results not coming back. In fact, it’s not working for me as I write this. -Al- On Sun, Jan 25, 2015 at 05:29PM, Joel Esler (jesler) wrote:

Re: [clamav-users] Need help to use a local server for updating

2015-01-26 Thread Al Varnell
Have you gone through all the documentation on Private Mirrors <http://www.clamav.net/doc/mirrors-private>? -Al- On Mon, Jan 26, 2015 at 12:43AM, stef stef wrote: > > Hi, > I need help to configure freeshclam.conf on a client with a local server. > On my local server, i use

Re: [clamav-users] clamav-virusdb on lurker

2015-01-26 Thread Al Varnell
d to be able to search the archive internals for infection names. Will I be able to somehow do that with the mailing list archives? -Al- -- Al Varnell Mountain View, CA
