[Clamav-users] Microsoft Power Point and Zip Files
(sorry if this has come up and I missed it) Apparently, the later/latest versions of Power Point actually write out zip files that are merely named .ppt (or something like that). Internally, it's apparently representing the slides and images as sub-files within the zip archive. This means that large Power Point presentations might have HUGE numbers of files in them, that might exceed the ClamAV archive file format. In fact, we've had some reports that look just like that. a) are other people seeing this problem? (was it fixed in a clamav version during the last 12-18 months?) b) has anyone solved it by just increasing the archive file limit? If so, what reasonable number have you come up with? Other thoughts of conclusions about all of this? (other than "don't use MS Office" -- that's outside the scope of my powers) John ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] How to determine if you installed from vendor package or source?
On Wed, 5 Aug 2009, steven sprague wrote: Hello Users, It has been sometime since I installed ClamAV - it's working great. I am getting prompted by logwatch to upgrade. Now that its time to upgrade I want to do it right. So, unless there are no issues with mixed installs source and/ or vendor rpm. Is it safe to upgrade using a RPM file from a ClamAV recommended site? and install it on top of source install or the reverse? How can I discover if my original install came from source or rpm? If I remember right (somebody stop me if I'm wrong) the package manager will be aware of it if you installed the binary and won't be aware if you installed from source. Try running "dpkg -l " If it says it's installed you installed the .deb package. -- Bob Holtzman AF9D 8760 0CFA F95A 6C77 E125 BF90 580F 8D54 9279 "If you think you're getting free lunch, check the price of the beer" ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] ClamD stops on database reload - no errors
> > On Wed, 05 Aug 2009 11:00:34 +0100 > > Colin Harris wrote: > > > Is there any advice to fixing this problem? > > > > > > Ubuntu, Clam 0.94, conf file below: > On 2009-08-05 10:08, Tomasz Kojm wrote: > > 0.94 is a very old and no longer supported version, your first step > > should be to update to 0.95.2 On 05.08.09 13:31, Colin Harris wrote: > Thanks for the advice, now on 0.95. 0.95 is not 0.95.2 -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colors ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] How to determine if you installed from vendor package or source?
Hello Users, It has been sometime since I installed ClamAV - it's working great. I am getting prompted by logwatch to upgrade. Now that its time to upgrade I want to do it right. So, unless there are no issues with mixed installs source and/ or vendor rpm. Is it safe to upgrade using a RPM file from a ClamAV recommended site? and install it on top of source install or the reverse? How can I discover if my original install came from source or rpm? logwatch: Last ClamAV update process started at Tue Aug 4 23:52:07 2009 Last Status: WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.94.2 Recommended version: 0.95.2 DON'T PANIC! Read http://www.clamav.net/support/faq main.cld is up to date (version: 51, sigs: 545035, f-level: 42, builder: sven) daily.cld is up to date (version: 9655, sigs: 63499, f-level: 43, builder: arnaud) Received signal: wake up Glider -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] ClamAV engine v0.95.2
Gianluigi Tiesi wrote: > On 05/08/2009 11.48, sergio Fernandez wrote: >> Hi >> >> When will ClamAV engine v0.95.2 be used? >> >> Regards >> > > For what? did I miss something? Judging by his MUA (Apple Mail) he asks for a updated OS X version. Sergio: http://osx.topicdesk.com/content/view/62/41/ might help you. Best regards, Nico -- Q: Because it reverses the logical flow of conversation. A: Why is putting a reply at the top of the message frowned upon? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] ClamD stops on database reload - no errors
On 2009-08-05 10:08, Tomasz Kojm wrote: > On Wed, 05 Aug 2009 11:00:34 +0100 > Colin Harris wrote: > > > Is there any advice to fixing this problem? > > > > Ubuntu, Clam 0.94, conf file below: > > 0.94 is a very old and no longer supported version, your first step should > be to update to 0.95.2 > > > Thanks for the advice, now on 0.95. Colin. -- ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] Clamd socket stops responding during databas reload
Hello, All ! I am using latest stable Clamav 0.95.2 on OpenBSD 4.5 built from source with options: ./configure \ --prefix=/opt \ --sysconfdir=/etc/clamav \ --datadir=/var/db \ --localstatedir=/var/run \ --enable-bigstack \ --enable-clamdtop \ --with-user=proxy \ --with-group=proxy \ --with-libbz2-prefix=/usr/local \ When clamd reloads new database it stops responding requests via local socket. For example DansGuardian reports "Exception whist reading ClamD socket: Can't read from socket" Is there any workaround for this issue ? Regards ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] ClamD stops on database reload - no errors
On Wed, 05 Aug 2009 11:00:34 +0100 Colin Harris wrote: > Is there any advice to fixing this problem? > > Ubuntu, Clam 0.94, conf file below: 0.94 is a very old and no longer supported version, your first step should be to update to 0.95.2 -- oo. Tomasz Kojm (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Wed Aug 5 12:08:10 CEST 2009 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] ClamAV engine v0.95.2
On 05/08/2009 11.48, sergio Fernandez wrote: Hi When will ClamAV engine v0.95.2 be used? Regards For what? did I miss something? -- Gianluigi Tiesi EDP Project Leader Netfarm S.r.l. - http://www.netfarm.it/ Free Software: http://oss.netfarm.it/ ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] ClamD stops on database reload - no errors
I am getting this re-occurring issue once every couple of days. Clam reloads the database, and stops. No errors or anything. /var/log/clamav/clamav.log From the log file: Tue Aug 4 20:40:48 2009 -> Reading databases from /var/lib/clamav Tue Aug 4 20:40:51 2009 -> Database correctly reloaded (607047 signatures) Tue Aug 4 20:41:55 2009 -> Socket file removed. Tue Aug 4 20:41:55 2009 -> Pid file removed. Tue Aug 4 20:41:55 2009 -> --- Stopped at Tue Aug 4 20:41:55 2009 This then causes my Amavis to fail as it cannot use the Clam Daemon: Aug 4 20:45:01 vps10521 amavis[11280]: (11280-20) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x8c2a51c) Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. at (eval 86) line 511. Aug 4 20:45:01 vps10521 amavis[11280]: (11280-20) (!!)WARN: all primary virus scanners failed, considering backups Aug 4 20:45:09 vps10521 postfix/smtpd[23844]: warning: 201.87.122.70: hostname 201-87-122-70.static-corp.ajato.com.br verification failed: Name or service not known Aug 4 20:48:54 vps10521 amavis[9965]: (09965-04) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x8c2a51c) Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. at (eval 86) line 511. Restarting the Clam daemon manually fixes the issue until it happens again. Is there any advice to fixing this problem? Ubuntu, Clam 0.94, conf file below: #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveLimitMemoryUsage false ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 StreamMaxLength 10M LogSyslog true LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false MailFollowURLs false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] ClamAV engine v0.95.2
Hi When will ClamAV engine v0.95.2 be used? Regards Sergio Fernandez Senior Technical Support Albion Computers Plc 112 Strand London WC2R 0AG Tel: 0207 212 9090 Fax: 0207 212 9091 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] ClamAV engine v0.95.2
Hi When will ClamAV engine v0.95.2 be used? Regards Sergio Fernandez Senior Technical Support Albion Computers Plc 112 Strand London WC2R 0AG Tel: 0207 212 9090 Fax: 0207 212 9091 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml