[clamav-users] freshclam and various formats of base
Hello. Several years ago database format changed sometimes when upgrading ClamAV. This does caused problems when restart clamd after upgrade. This could be solved by means of the package manager, RPM for example: %post for FNAME in `ls --ignore=*.socket /var/lib/clamav`; do [ -h /var/lib/clamav/$FNAME ] continue [ -d /var/lib/clamav/$FNAME ] rm -rf /var/lib/clamav/$FNAME [ -f /var/lib/clamav/$FNAME ] rm -f /var/lib/clamav/$FNAME done Can it be not used it now ? The virus database is large now and download continues for a long time. Can clamd ignore wrong format now ? Can freshclam to clear /var/lib/clamav independently ? -- Regards, Sergey ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] freshclam and various formats of base
Sergey, I’m not sure I understand what you are asking here. You refer to an event that has happened once in what, ten years? And you are suggesting changes to package managers which, as far as I am aware, ClamAV® has no control over? -Al- Al Varnell Mountain View, CA On Wed, Jun 25, 2014 at 11:37 PM, Sergey wrote: Hello. Several years ago database format changed sometimes when upgrading ClamAV. This does caused problems when restart clamd after upgrade. This could be solved by means of the package manager, RPM for example: %post for FNAME in `ls --ignore=*.socket /var/lib/clamav`; do [ -h /var/lib/clamav/$FNAME ] continue [ -d /var/lib/clamav/$FNAME ] rm -rf /var/lib/clamav/$FNAME [ -f /var/lib/clamav/$FNAME ] rm -f /var/lib/clamav/$FNAME done Can it be not used it now ? The virus database is large now and download continues for a long time. Can clamd ignore wrong format now ? Can freshclam to clear /var/lib/clamav independently ? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] freshclam and various formats of base
On Thursday 26 June 2014, Al Varnell wrote: You refer to an event that has happened once in what, ten years ? Like that, but a little less. And this happened several times. And you are suggesting changes to package managers which, as far as I am aware, ClamAV® has no control over ? No. Сonversely. I want to cleanup my spec-file. :-) I want to remove this work around now. But I want to be sure that it will never needed. -- Regards, Sergey ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
On Thu, Jun 26, 2014 at 12:37 AM, Paul Kosinski cla...@iment.com wrote: I'm using HAVP (0.92) on Linux (openSuSE 13.1) as a virus scanning filter for HTTP traffic. It worked perfectly with ClamAV 0.98.3 (and many previous versions), but now it won't start at all with 0.98.4. HAVP uses libclamav.so to do the actual scanning (more efficient than even the socket interface), so it starts by loading the various CVD files. With 0.98.4, HAVP fails thus: 25/06/2014 20:30:54 === Starting HAVP Version: 0.92 25/06/2014 20:30:54 Running as user: havp, group: havp 25/06/2014 20:30:54 --- Initializing ClamAV Library Scanner 25/06/2014 20:30:54 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:30:54 ClamAV: Could not load database: Can't allocate memory 25/06/2014 20:30:54 Error initializing ClamAV Library Scanner! While with 0.98.3, HAVP succeeds: 25/06/2014 20:32:48 === Starting HAVP Version: 0.92 25/06/2014 20:32:48 Running as user: havp, group: havp 25/06/2014 20:32:48 --- Initializing ClamAV Library Scanner 25/06/2014 20:32:48 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:32:55 ClamAV: Loaded 3470096 signatures (engine 0.98.3) 25/06/2014 20:32:56 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature) 25/06/2014 20:32:56 --- All scanners initialized A previous posting to this list implied that such (presumably bogus) memory errors might be related to the switch to OpenSSL. In both cases, I'm using OpenSSL 1.0.1h-1.60.1 (openSuSE's latest version), and the clamd.conf file and HAVP binary are the same. Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
On 2014/06/26 11:10, Shawn Webb wrote: On Thu, Jun 26, 2014 at 12:37 AM, Paul Kosinski cla...@iment.com wrote: I'm using HAVP (0.92) on Linux (openSuSE 13.1) as a virus scanning filter for HTTP traffic. It worked perfectly with ClamAV 0.98.3 (and many previous versions), but now it won't start at all with 0.98.4. HAVP uses libclamav.so to do the actual scanning (more efficient than even the socket interface), so it starts by loading the various CVD files. With 0.98.4, HAVP fails thus: 25/06/2014 20:30:54 === Starting HAVP Version: 0.92 25/06/2014 20:30:54 Running as user: havp, group: havp 25/06/2014 20:30:54 --- Initializing ClamAV Library Scanner 25/06/2014 20:30:54 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:30:54 ClamAV: Could not load database: Can't allocate memory 25/06/2014 20:30:54 Error initializing ClamAV Library Scanner! While with 0.98.3, HAVP succeeds: 25/06/2014 20:32:48 === Starting HAVP Version: 0.92 25/06/2014 20:32:48 Running as user: havp, group: havp 25/06/2014 20:32:48 --- Initializing ClamAV Library Scanner 25/06/2014 20:32:48 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:32:55 ClamAV: Loaded 3470096 signatures (engine 0.98.3) 25/06/2014 20:32:56 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature) 25/06/2014 20:32:56 --- All scanners initialized A previous posting to this list implied that such (presumably bogus) memory errors might be related to the switch to OpenSSL. In both cases, I'm using OpenSSL 1.0.1h-1.60.1 (openSuSE's latest version), and the clamd.conf file and HAVP binary are the same. Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. One complication with this is that the prototype for cl_initialize_crypto() is only in libclamav/crypto.h which doesn't get installed..(and for HAVP which doesn't normally use openssl, it would need extra build scaffolding there to do this via openssl rather than cl_initialize_crypto). As far as external users go, the approach in Sebastian's diff (calling cl_initialize_crypto from cl_init) seems far simpler. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
On Thu, Jun 26, 2014 at 11:31 AM, Stuart Henderson stu-clamav-l...@spacehopper.org wrote: On 2014/06/26 11:10, Shawn Webb wrote: On Thu, Jun 26, 2014 at 12:37 AM, Paul Kosinski cla...@iment.com wrote: I'm using HAVP (0.92) on Linux (openSuSE 13.1) as a virus scanning filter for HTTP traffic. It worked perfectly with ClamAV 0.98.3 (and many previous versions), but now it won't start at all with 0.98.4. HAVP uses libclamav.so to do the actual scanning (more efficient than even the socket interface), so it starts by loading the various CVD files. With 0.98.4, HAVP fails thus: 25/06/2014 20:30:54 === Starting HAVP Version: 0.92 25/06/2014 20:30:54 Running as user: havp, group: havp 25/06/2014 20:30:54 --- Initializing ClamAV Library Scanner 25/06/2014 20:30:54 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:30:54 ClamAV: Could not load database: Can't allocate memory 25/06/2014 20:30:54 Error initializing ClamAV Library Scanner! While with 0.98.3, HAVP succeeds: 25/06/2014 20:32:48 === Starting HAVP Version: 0.92 25/06/2014 20:32:48 Running as user: havp, group: havp 25/06/2014 20:32:48 --- Initializing ClamAV Library Scanner 25/06/2014 20:32:48 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:32:55 ClamAV: Loaded 3470096 signatures (engine 0.98.3) 25/06/2014 20:32:56 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature) 25/06/2014 20:32:56 --- All scanners initialized A previous posting to this list implied that such (presumably bogus) memory errors might be related to the switch to OpenSSL. In both cases, I'm using OpenSSL 1.0.1h-1.60.1 (openSuSE's latest version), and the clamd.conf file and HAVP binary are the same. Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. One complication with this is that the prototype for cl_initialize_crypto() is only in libclamav/crypto.h which doesn't get installed..(and for HAVP which doesn't normally use openssl, it would need extra build scaffolding there to do this via openssl rather than cl_initialize_crypto). As far as external users go, the approach in Sebastian's diff (calling cl_initialize_crypto from cl_init) seems far simpler. The patch here will go out with our next release of ClamAV, which adds the function prototypes to clamav.h: https://github.com/vrtadmin/clamav-devel/commit/9363412bbb2378a29f7ae7208ccec475a0c476d8 I'll talk with the team on Monday about whether to call cl_initialize_crypto from cl_init. I have a few concerns with it, which is why I originally opted to keep the function separate. cl_initialize_crypto calls the OpenSSL initialization functions. A third-party application which consumes both libclamav and OpenSSL might have already called the OpenSSL initialization routines. From what I've read (sorry, I don't remember the actual links off-hand), OpenSSL doesn't like to have its initialization routines called multiple times. If I call cl_initialize_crypto inside of cl_init, there is a possibility of that happening. I'll discuss the problem and potential solutions with the team on Monday and we'll have a solution in place by later that day. At the very least, the patch linked to above will help. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
Shawn, Yes indeed, HAVP calls into libclamav directly. But then why does this only fail in 0.98.4 but *not* in 0.98.3? Wasn't OpenSSL already being used in 0.98.3? An additional problem is that the HAVP developer seems to have stopped working on it, according to the HAVP forum (http://havp.hege.li/forum/). Of course, since HAVP is Open Source, I could change it for my use (but I don't want to take it over). Thanks for the quick response, Paul Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
Hey Paul, The reason for that is likely due to my usage of ctors and dtors with 0.98.3. In that version, I had added a ctors entry in libclamav to call cl_initialize_crypto and a dtors entry to call cl_cleanup_crypto. It turns out that operating systems like AIX, HPUX, and Solaris 10 don't support ctors/dtors. In order to provide support for those OSs, I opted to remove the ctors/dtors entries and call cl_initialize_crypto directly in the applications that we distribute that consume libclamav (clamscan, clamd, clamdscan, freshclam, etc.) That means that we're no longer calling cl_initialize_crypto in the background and third-party applications will need to call cl_initialize_crypto themselves. But that may or may not change with the discussion on Monday. Thanks, Shawn On Thu, Jun 26, 2014 at 12:37 PM, Paul Kosinski cla...@iment.com wrote: Shawn, Yes indeed, HAVP calls into libclamav directly. But then why does this only fail in 0.98.4 but *not* in 0.98.3? Wasn't OpenSSL already being used in 0.98.3? An additional problem is that the HAVP developer seems to have stopped working on it, according to the HAVP forum (http://havp.hege.li/forum/). Of course, since HAVP is Open Source, I could change it for my use (but I don't want to take it over). Thanks for the quick response, Paul Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
Hello there, I'm Kare from copfilter.org I saw this discussion about failing havp with ClamAV 0.98.4 and we also use havp in our project for a long time. There is a way to get havp working, until an other solution has been found. Go to havp.config and disable clamlib and enabel the socket mode ENABLECLAMLIB false ENABLECLAMD true CLAMDSOCKET /var/log/clamd.socket I planned to contact the developer on weekend Regards Zitat von Shawn Webb sw...@sourcefire.com: Hey Paul, The reason for that is likely due to my usage of ctors and dtors with 0.98.3. In that version, I had added a ctors entry in libclamav to call cl_initialize_crypto and a dtors entry to call cl_cleanup_crypto. It turns out that operating systems like AIX, HPUX, and Solaris 10 don't support ctors/dtors. In order to provide support for those OSs, I opted to remove the ctors/dtors entries and call cl_initialize_crypto directly in the applications that we distribute that consume libclamav (clamscan, clamd, clamdscan, freshclam, etc.) That means that we're no longer calling cl_initialize_crypto in the background and third-party applications will need to call cl_initialize_crypto themselves. But that may or may not change with the discussion on Monday. Thanks, Shawn On Thu, Jun 26, 2014 at 12:37 PM, Paul Kosinski cla...@iment.com wrote: Shawn, Yes indeed, HAVP calls into libclamav directly. But then why does this only fail in 0.98.4 but *not* in 0.98.3? Wasn't OpenSSL already being used in 0.98.3? An additional problem is that the HAVP developer seems to have stopped working on it, according to the HAVP forum (http://havp.hege.li/forum/). Of course, since HAVP is Open Source, I could change it for my use (but I don't want to take it over). Thanks for the quick response, Paul Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
On Thursday, June 26, 2014 00:37:38 Paul Kosinski wrote: I'm using HAVP (0.92) on Linux (openSuSE 13.1) as a virus scanning filter for HTTP traffic. It worked perfectly with ClamAV 0.98.3 (and many previous versions), but now it won't start at all with 0.98.4. HAVP uses libclamav.so to do the actual scanning (more efficient than even the socket interface), so it starts by loading the various CVD files. With 0.98.4, HAVP fails thus: 25/06/2014 20:30:54 === Starting HAVP Version: 0.92 25/06/2014 20:30:54 Running as user: havp, group: havp 25/06/2014 20:30:54 --- Initializing ClamAV Library Scanner 25/06/2014 20:30:54 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:30:54 ClamAV: Could not load database: Can't allocate memory 25/06/2014 20:30:54 Error initializing ClamAV Library Scanner! While with 0.98.3, HAVP succeeds: 25/06/2014 20:32:48 === Starting HAVP Version: 0.92 25/06/2014 20:32:48 Running as user: havp, group: havp 25/06/2014 20:32:48 --- Initializing ClamAV Library Scanner 25/06/2014 20:32:48 ClamAV: Using database directory: /opt/clamav/share/clamav 25/06/2014 20:32:55 ClamAV: Loaded 3470096 signatures (engine 0.98.3) 25/06/2014 20:32:56 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature) 25/06/2014 20:32:56 --- All scanners initialized A previous posting to this list implied that such (presumably bogus) memory errors might be related to the switch to OpenSSL. In both cases, I'm using OpenSSL 1.0.1h-1.60.1 (openSuSE's latest version), and the clamd.conf file and HAVP binary are the same. We've confirmed the same issue on Ubuntu, so it's not distro specific. Scott K ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
An ABI break like this should have come with an increased SO version. Scott K On Thursday, June 26, 2014 12:52:47 Shawn Webb wrote: Hey Paul, The reason for that is likely due to my usage of ctors and dtors with 0.98.3. In that version, I had added a ctors entry in libclamav to call cl_initialize_crypto and a dtors entry to call cl_cleanup_crypto. It turns out that operating systems like AIX, HPUX, and Solaris 10 don't support ctors/dtors. In order to provide support for those OSs, I opted to remove the ctors/dtors entries and call cl_initialize_crypto directly in the applications that we distribute that consume libclamav (clamscan, clamd, clamdscan, freshclam, etc.) That means that we're no longer calling cl_initialize_crypto in the background and third-party applications will need to call cl_initialize_crypto themselves. But that may or may not change with the discussion on Monday. Thanks, Shawn On Thu, Jun 26, 2014 at 12:37 PM, Paul Kosinski cla...@iment.com wrote: Shawn, Yes indeed, HAVP calls into libclamav directly. But then why does this only fail in 0.98.4 but *not* in 0.98.3? Wasn't OpenSSL already being used in 0.98.3? An additional problem is that the HAVP developer seems to have stopped working on it, according to the HAVP forum (http://havp.hege.li/forum/). Of course, since HAVP is Open Source, I could change it for my use (but I don't want to take it over). Thanks for the quick response, Paul Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
Hello, HAVP developer here. I'll release a new version if it's required, but I guess that will have to wait on the discussions. Hopefully it's not even necessary and 0.98.4 will remain an unused dark horse version.. Cheers, Henrik On Thu, Jun 26, 2014 at 05:35:08PM +, cla...@it-connect-unix.de wrote: Hello there, I'm Kare from copfilter.org I saw this discussion about failing havp with ClamAV 0.98.4 and we also use havp in our project for a long time. There is a way to get havp working, until an other solution has been found. Go to havp.config and disable clamlib and enabel the socket mode ENABLECLAMLIB false ENABLECLAMD true CLAMDSOCKET /var/log/clamd.socket I planned to contact the developer on weekend Regards Zitat von Shawn Webb sw...@sourcefire.com: Hey Paul, The reason for that is likely due to my usage of ctors and dtors with 0.98.3. In that version, I had added a ctors entry in libclamav to call cl_initialize_crypto and a dtors entry to call cl_cleanup_crypto. It turns out that operating systems like AIX, HPUX, and Solaris 10 don't support ctors/dtors. In order to provide support for those OSs, I opted to remove the ctors/dtors entries and call cl_initialize_crypto directly in the applications that we distribute that consume libclamav (clamscan, clamd, clamdscan, freshclam, etc.) That means that we're no longer calling cl_initialize_crypto in the background and third-party applications will need to call cl_initialize_crypto themselves. But that may or may not change with the discussion on Monday. Thanks, Shawn On Thu, Jun 26, 2014 at 12:37 PM, Paul Kosinski cla...@iment.com wrote: Shawn, Yes indeed, HAVP calls into libclamav directly. But then why does this only fail in 0.98.4 but *not* in 0.98.3? Wasn't OpenSSL already being used in 0.98.3? An additional problem is that the HAVP developer seems to have stopped working on it, according to the HAVP forum (http://havp.hege.li/forum/). Of course, since HAVP is Open Source, I could change it for my use (but I don't want to take it over). Thanks for the quick response, Paul Hey Paul, It looks like HAVP is calling into libclamav directly. That means that HAVP will need to either initialize OpenSSL prior to calling the cl_init() function in libclamav, or it will need to call cl_initialize_crypto() prior to calling cl_init(). We have an open bug on our end to track this issue (bugzilla bug 11037). Additionally, a bug report should be opened with HAVP to document the issue on their end. I will be discussing with the team soon potential solutions going forward. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files
On 6/26/14, 9:47 PM, Henrik K wrote: Hello, HAVP developer here. I'll release a new version if it's required, but I guess that will have to wait on the discussions. Hopefully it's not even necessary and 0.98.4 will remain an unused dark horse version.. Cheers, Henrik It is here. dp ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml