Hi ClamAV team, I have sent many samples to the email address that Luca gave me several days ago.But ClamAV didn't use these samples,I cannot see my name in the clamav-virusdb ML so the software cannot detect them until now.I want to know what's wrong.
Best Regards, Aron Xu From: [EMAIL PROTECTED] To: clamav-users@lists.clamav.net Date: Thu, 28 Aug 2008 18:00:13 +0800 (CST) Subject: clamav-users Digest, Vol 47, Issue 24 > Send clamav-users mailing list submissions to > clamav-users@lists.clamav.net > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of clamav-users digest..." > > > Today's Topics: > > 1. State of Clamuko support (Bastian Friedrich) > 2. Malware Scanning and blocking (Sain, David J.) > 3. Re: Malware Scanning and blocking (Brandon Perry) > 4. Re: Malware Scanning and blocking (Sarocet) > 5. maliciout javascript in WWW pages (Matus UHLAR - fantomas) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 27 Aug 2008 16:16:57 +0200 > From: Bastian Friedrich > > Subject: [Clamav-users] State of Clamuko support > To: clamav-users@lists.clamav.net > Message-ID: > <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="iso-8859-1" > > Hi, > > sorry for cross-posting. I was unsure which list to address. > > I have just tried to get ClamAV 0.94rc1 running and noticed that clamuko > currently is not available. I have not tried to re-enable the code in clamd > (which is more or less commented out), but suppose there is some reason for > the "do { ... } while (0);" :) > > Will the final release of ClamAV 0.94 include dazuko support? > > Is there any commitment as of which kinds and versions of dazuko will be > supported? Dazuko development has changed recently quite a lot, as the > conventional dazuko will probably sooner or later be substitued by the more > modern "dazukofs" approach (although there seem to be quite active > discussions currently). > > Thx & best regards > Bastian > > -- > Bastian Friedrich [EMAIL PROTECTED] > Address & Fon available on my HP http://www.bastian-friedrich.de/ > \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ > \ "The heart has its reasons which reason knows nothing of." > \ Blaise Pascal > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: application/pgp-signature > Size: 197 bytes > Desc: This is a digitally signed message part. > Url : > http://lists.clamav.net/pipermail/clamav-users/attachments/20080827/5fe1e4f7/attachment.pgp > > > ------------------------------ > > Message: 2 > Date: Wed, 27 Aug 2008 11:41:44 -0500 > From: "Sain, David J." > Subject: [Clamav-users] Malware Scanning and blocking > To: > Message-ID: > <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="US-ASCII" > > I want to setup a linux box with smoothwall, ipcop or some other > opensource internet security application (preferably linux based) at > home, but don't know how ClamAV might handle things like Antivirus 2008 > that make fraudulent claims and are considered malware. > > > > I searched archives, but don't come up with hits on [ malware "antivirus > 2008" ] which is a specific thing we deal with at work on a regular > basis (I'm a consultant. One firm we have a Sonicwall tz190 which > blocks malware and virus' quite well, but sometimes at the expense of > other things, like lunix updates) > > > > http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw > > http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA > > > > Any thoughts? > > > > Thank you, > > David > > > > ------------------------------ > > Message: 3 > Date: Wed, 27 Aug 2008 12:02:11 -0500 > From: "Brandon Perry" > Subject: Re: [Clamav-users] Malware Scanning and blocking > To: "ClamAV users ML" > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > Best way to find out is to just scan it. But, just a forewarning, ClamAV is > for viruses, not spyware (while there are some spyware defs). If you want, > you can grab an MD5 of the installer and make your own definitions. > > On Wed, Aug 27, 2008 at 11:41 AM, Sain, David J. wrote: > > > I want to setup a linux box with smoothwall, ipcop or some other > > opensource internet security application (preferably linux based) at > > home, but don't know how ClamAV might handle things like Antivirus 2008 > > that make fraudulent claims and are considered malware. > > > > > > > > I searched archives, but don't come up with hits on [ malware "antivirus > > 2008" ] which is a specific thing we deal with at work on a regular > > basis (I'm a consultant. One firm we have a Sonicwall tz190 which > > blocks malware and virus' quite well, but sometimes at the expense of > > other things, like lunix updates) > > > > > > > > http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw > > > > http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA > > > > > > > > Any thoughts? > > > > > > > > Thank you, > > > > David > > > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > > http://www.clamav.net/support/ml > > > > > > -- > http://www.volatileminds.net > > > ------------------------------ > > Message: 4 > Date: Wed, 27 Aug 2008 19:47:12 +0200 > From: Sarocet > Subject: Re: [Clamav-users] Malware Scanning and blocking > To: ClamAV users ML > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Sain, David J. wrote: > > I want to setup a linux box with smoothwall, ipcop or some other > > opensource internet security application (preferably linux based) at > > home, but don't know how ClamAV might handle things like Antivirus 2008 > > that make fraudulent claims and are considered malware. > > > > I searched archives, but don't come up with hits on [ malware "antivirus > > 2008" ] which is a specific thing we deal with at work on a regular > > basis (I'm a consultant. One firm we have a Sonicwall tz190 which > > blocks malware and virus' quite well, but sometimes at the expense of > > other things, like lunix updates) > > > > http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw > > http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA > > > > > > Any thoughts? > > > > > > Thank you, > > > > David > > > See the 'Sanesecurity: new database' recent thread > http://lurker.clamav.net/thread/20080818.151714.69360cff.en.html > It annunces the addition of http://sanesecurity.co.uk/clamav/rogue.htm > signatures for "known Rogue Anti-Virus > software and also contains known Fake Videos/Codecs." Given the > reference about fake news, > I think 'antivirus 2008' will be listed there. > > > > ------------------------------ > > Message: 5 > Date: Thu, 28 Aug 2008 11:38:51 +0200 > From: Matus UHLAR - fantomas > Subject: [Clamav-users] maliciout javascript in WWW pages > To: clamav-users@lists.clamav.net > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=us-ascii > > Hello, > > Some our customers are ocasionally having problems with their (or other) > webpages containing malicious javascript (containing or downloading trojans > etc). > > We are currently scanning files uploaded via FTP by clamav (using mod_clamav > for ProFTPD). > > We are also planning to integrate virus scanner to out proxy server (squid) > so the malware would not get to our clients even from other websites. > > However, clamav currently does NOT detecty such malicious code. Therefore I > would like to ask if I should just submit such code or is there anything > other that must be done to be able to detect malicious javascript? > > Also, is there a possibility for (optional) curing such files? > (The malicious code was a few times only appended by the malware, so its > removing should not make any harm, especially on proxy) > > I can provide some examples if you need... > -- > Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > My mind is like a steel trap - rusty and illegal in 37 states. > > > ------------------------------ > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > End of clamav-users Digest, Vol 47, Issue 24 > ******************************************** > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
