date:20160407

[clamav-users] Phishing FPs (chase.com, americanexpress.com)

2016-04-07 Thread Alex

Hi,

This HTML is resulting in an FP with hyatt.com and chase.com:
http://e.hyatt.com/a/hBXBU6kB8hHSgB9KBuvAATyM-YE/gpgchfaq?MARKET=
ING_CODE=3DHycardSolo16GE1T_ID=3DG-G96179703L"
target=3D"_blank" = style=3D"color:#1564a4;
text-decoration:underline;">www.Chase.com/RewardsFA=
Qs.


LibClamAV debug: Phishcheck:Checking url
http://e.hyatt.com/a/hBXBU6kB8hHSgB9KBuvAATyM-YE/gpgchfaq?MARKETING_CODE=HycardSolo16GE1T_id=G-G96179703L->www.Chase.com/RewardsFAQs
LibClamAV debug: Phishcheck: Phishing scan result: URLs are way too different
LibClamAV debug: found Possibly Unwanted:
Heuristics.Phishing.Email.SpoofedDomain

This HTML is resulting in an FP with hilton.com and americanexpress.com:
http://h1.hilton.com/a/hBXBouxAJZxlvB9L9=
L5ArLZiuwY/hhon28" style=3D"color: #7c7c7c;">AmericanExpress.com/PPterms

LibClamAV debug: Phishcheck:Checking url
http://h1.hilton.com/a/hBXBouxAJZxlvB9L9L5ArLZiuwY/hhon28->AmericanExpress.com/PPt
erms
LibClamAV debug: Phishcheck: Phishing scan result: URLs are way too different
LibClamAV debug: found Possibly Unwanted:
Heuristics.Phishing.Email.SpoofedDomain

I've added two entries to my whitelist.wdb file:
X:.+hilton\.com:americanexpress\.com:17-
X:.+hyatt.com:www.chase.com:17-

Thanks,
Alex
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Dennis Peterson


There are some trouble shooting tips at that link that may be helpful.

dp

On 4/7/16 11:44 AM, Al Varnell wrote:

It’s possible you will run into another such user here, but Cisco/ClamAV isn’t 
responsible for ClamTk, so you’ll probably get an answer faster by contacting 
Dave M at the link I gave you earlier.

-Al-

On Thu, Apr 07, 2016 at 11:35 AM, Rick wrote:

Linux mint mate 17.3

On 04/07/2016 02:29 PM, Al Varnell wrote:

Are you running a Linux system of some sort with ClamTK?  That’s the only thing 
I can find with a 4.45 version.



-Al-

On Thu, Apr 07, 2016 at 11:21 AM, Rick wrote:

ClamAV

On 04/07/2016 02:12 PM, Al Varnell wrote:

No, I mean is it ClamWin or ClamXav or something else?  You will need to ask 
the GUI developer about their product.

-Al-

On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:

version 4.45

On 04/07/2016 01:53 PM, Al Varnell wrote:

What GUI version is that?

-Al-

On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:

The GUI version will not update. It says there is an update.

What do I do ?

Also the clamav is one version below what is current. What do I need to do to 
update it ?


Rick Nilson


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Al Varnell

It’s possible you will run into another such user here, but Cisco/ClamAV isn’t 
responsible for ClamTk, so you’ll probably get an answer faster by contacting 
Dave M at the link I gave you earlier.

-Al-

On Thu, Apr 07, 2016 at 11:35 AM, Rick wrote:
> 
> Linux mint mate 17.3
> 
> On 04/07/2016 02:29 PM, Al Varnell wrote:
>> Are you running a Linux system of some sort with ClamTK?  That’s the only 
>> thing I can find with a 4.45 version.
>> 
>> 
>> 
>> -Al-
>> 
>> On Thu, Apr 07, 2016 at 11:21 AM, Rick wrote:
>>> ClamAV
>>> 
>>> On 04/07/2016 02:12 PM, Al Varnell wrote:
 No, I mean is it ClamWin or ClamXav or something else?  You will need to 
 ask the GUI developer about their product.
 
 -Al-
 
 On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:
> version 4.45
> 
> On 04/07/2016 01:53 PM, Al Varnell wrote:
>> What GUI version is that?
>> 
>> -Al-
>> 
>> On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:
>>> The GUI version will not update. It says there is an update.
>>> 
>>> What do I do ?
>>> 
>>> Also the clamav is one version below what is current. What do I need to 
>>> do to update it ?
>>> 
>>> 
>>> Rick Nilson


smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Rick


Linux mint mate 17.3

On 04/07/2016 02:29 PM, Al Varnell wrote:

Are you running a Linux system of some sort with ClamTK?  That’s the only thing 
I can find with a 4.45 version.



-Al-

On Thu, Apr 07, 2016 at 11:21 AM, Rick wrote:

ClamAV

On 04/07/2016 02:12 PM, Al Varnell wrote:

No, I mean is it ClamWin or ClamXav or something else?  You will need to ask 
the GUI developer about their product.

-Al-

On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:

version 4.45

On 04/07/2016 01:53 PM, Al Varnell wrote:

What GUI version is that?

-Al-

On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:

The GUI version will not update. It says there is an update.

What do I do ?

Also the clamav is one version below what is current. What do I need to do to 
update it ?


Rick Nilson


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

-Al-


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

-Al-


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Rick

|clamtk 
http://askubuntu.com/questions/250290/how-do-i-scan-for-viruses-with-clamav 
|




On 04/07/2016 02:27 PM, Dennis Peterson wrote:

ClamAV doesn't have a gui.

dp

On 4/7/16 11:21 AM, Rick wrote:

ClamAV

On 04/07/2016 02:12 PM, Al Varnell wrote:
No, I mean is it ClamWin or ClamXav or something else?  You will 
need to ask the GUI developer about their product.


-Al-

On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:

version 4.45

On 04/07/2016 01:53 PM, Al Varnell wrote:

What GUI version is that?

-Al-

On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:

The GUI version will not update. It says there is an update.

What do I do ?

Also the clamav is one version below what is current. What do I 
need to do to update it ?



Rick Nilson


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

-Al-


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Al Varnell

Are you running a Linux system of some sort with ClamTK?  That’s the only thing 
I can find with a 4.45 version.



-Al-

On Thu, Apr 07, 2016 at 11:21 AM, Rick wrote:
> 
> ClamAV
> 
> On 04/07/2016 02:12 PM, Al Varnell wrote:
>> No, I mean is it ClamWin or ClamXav or something else?  You will need to ask 
>> the GUI developer about their product.
>> 
>> -Al-
>> 
>> On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:
>>> version 4.45
>>> 
>>> On 04/07/2016 01:53 PM, Al Varnell wrote:
 What GUI version is that?
 
 -Al-
 
 On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:
> The GUI version will not update. It says there is an update.
> 
> What do I do ?
> 
> Also the clamav is one version below what is current. What do I need to 
> do to update it ?
> 
> 
> Rick Nilson
> 
> 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
>>> ___
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>> 
>>> http://www.clamav.net/contact.html#ml
>> -Al-
>> 
>> 
>> ___
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-Al-
-- 
Al Varnell
Mountain View, CA






smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Dennis Peterson


ClamAV doesn't have a gui.

dp

On 4/7/16 11:21 AM, Rick wrote:

ClamAV

On 04/07/2016 02:12 PM, Al Varnell wrote:
No, I mean is it ClamWin or ClamXav or something else?  You will need to ask 
the GUI developer about their product.


-Al-

On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:

version 4.45

On 04/07/2016 01:53 PM, Al Varnell wrote:

What GUI version is that?

-Al-

On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:

The GUI version will not update. It says there is an update.

What do I do ?

Also the clamav is one version below what is current. What do I need to do 
to update it ?



Rick Nilson


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

-Al-


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Al Varnell

No, I mean is it ClamWin or ClamXav or something else?  You will need to ask 
the GUI developer about their product.

-Al-

On Thu, Apr 07, 2016 at 11:01 AM, Rick wrote:
> 
> version 4.45
> 
> On 04/07/2016 01:53 PM, Al Varnell wrote:
>> What GUI version is that?
>> 
>> -Al-
>> 
>> On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:
>>> The GUI version will not update. It says there is an update.
>>> 
>>> What do I do ?
>>> 
>>> Also the clamav is one version below what is current. What do I need to do 
>>> to update it ?
>>> 
>>> 
>>> Rick Nilson
>>> 
>>> 
>>> ___
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>> 
>>> http://www.clamav.net/contact.html#ml
> 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-Al-
-- 
Al Varnell
Mountain View, CA






smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] update

2016-04-07 Thread Al Varnell

What GUI version is that?

-Al-

On Thu, Apr 07, 2016 at 10:25 AM, Rick wrote:
> 
> The GUI version will not update. It says there is an update.
> 
> What do I do ?
> 
> Also the clamav is one version below what is current. What do I need to do to 
> update it ?
> 
> 
> Rick Nilson


smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] LibClamAV Warning: cli_tnef: file truncated, returning CLEAN

2016-04-07 Thread Steven Morgan

Hi,

Looking in the code, the file was truncated, as the warning message states.
The message is issued by the TNEF file parser. Returning CLEAN from the
parser tells the caller(the TNEF scanner) to scan all of the previously
extracted parts of the TNEF message for viruses.

Hope this helps,
Steve
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] LibClamAV Warning: cli_tnef: file truncated, returning CLEAN

2016-04-07 Thread Marco


Hello,

 I would like to know what this clamd warn means:

"LibClamAV Warning: cli_tnef: file truncated, returning CLEAN"


I run

ClamAV 0.99.1/21486/Tue Apr  5 22:19:10 2016

on amavisd and clamav-milter.

In deep, I would like to know if this warning could be a issue  
allowing some malwares to bypass a scan.


Thank you very much
Marco





___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Phishing FPs (chase.com, americanexpress.com)

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] update

Re: [clamav-users] LibClamAV Warning: cli_tnef: file truncated, returning CLEAN

[clamav-users] LibClamAV Warning: cli_tnef: file truncated, returning CLEAN

11 matches

Site Navigation

Mail list logo

Footer information