date:20210611

Re: [clamav-users] clamsubmit fails with Authenticity token element not found.

2021-06-11 Thread Virgo Pärna via clamav-users

On Thu, 10 Jun 2021 14:58:25 +0100 (BST), G.W. Haywood via clamav-users 
 wrote:
>
> On Thu, 10 Jun 2021, Virgo Pärna via clamav-users wrote:
>
>> > When did you first use clamsubmit?
>> 
>> This version - today. I have used it past couple of times.
>
> Did you use the same '-N' command line argument?  Did it succeed?

Jes, same name.
>
>> ...
>> -N "Virgo Pärna"
>> Authenticity token element not found.
>
> Just a thought, because things like this have bitten me in the past,
> is it perhaps a problem with the character set you're using?  In your
> name, the character after the 'P' is obviously not going to be ASCII.

Changing it to ae did not help.

-- 
Virgo Pärna 
virgo.pa...@mail.ee


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] clamsubmit fails with Authenticity token element not found.

2021-06-11 Thread Virgo Pärna via clamav-users

On Fri, 11 Jun 2021 02:37:59 +, Micah Snyder (micasnyd) via clamav-users 
 wrote:
>
> Would you be able to test a pull request? Here's the PR: 
> https://github.com/Cisco-Talos/clamav/pull/167

And it worked. Just running clamsubmit directly from build/clamsubmit/
Just required cmake from buster-backports and bunch of dev
libraries to be installed.

-- 
Virgo Pärna 
virgo.pa...@mail.ee


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] KACE false positive

2021-06-11 Thread Douglas Stinnette

It has been over a year since there was a wide false positive across ClamAV.
"/Library/Application Support/Quest/KACE/bin/klog"
"Unix.Malware.Macos-9867919-0 FOUND"

I do not recall how to address this. Any suggestions would be great.
Thanks,
Doug
-- 


Douglas Stinnette

VCU Technology Services

Endpoint Security Specialist

Virginia Commonwealth University

827-0933



Don't be a phishing victim - VCU and other reputable organizations will
never use email to request that you reply with your password, Social
Security number or confidential personal information. For more details
visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] KACE false positive

2021-06-11 Thread Alain Zidouemba

Thanks for reporting. Will be addressed in the next CVD update.

-Alain

On Fri, Jun 11, 2021 at 10:44 AM Douglas Stinnette  wrote:

>
> It has been over a year since there was a wide false positive across
> ClamAV.
> "/Library/Application Support/Quest/KACE/bin/klog"
> "Unix.Malware.Macos-9867919-0 FOUND"
>
> I do not recall how to address this. Any suggestions would be great.
> Thanks,
> Doug
> --
>
>
> Douglas Stinnette
>
> VCU Technology Services
>
> Endpoint Security Specialist
>
> Virginia Commonwealth University
>
> 827-0933
>
>
>
> Don't be a phishing victim - VCU and other reputable organizations will
> never use email to request that you reply with your password, Social
> Security number or confidential personal information. For more details
> visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] KACE false positive

2021-06-11 Thread Joel Esler (jesler) via clamav-users

Douglas,

Thank you for your email. Here is a good place to file false positives: 
https://www.clamav.net/reports/fp  for 
future reference.

-- 
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
https://www.talosintelligence.com | https://www.snort.org | 
https://www.clamav.net 

> On Jun 11, 2021, at 10:42 AM, Douglas Stinnette  wrote:
> 
> 
> It has been over a year since there was a wide false positive across ClamAV.
> "/Library/Application Support/Quest/KACE/bin/klog" 
> "Unix.Malware.Macos-9867919-0 FOUND"
> 
> I do not recall how to address this. Any suggestions would be great.
> Thanks,
> Doug
> -- 
> 
> Douglas Stinnette
> VCU Technology Services
> Endpoint Security Specialist
> Virginia Commonwealth University
> 827-0933
>  
> Don't be a phishing victim - VCU and other reputable organizations will never 
> use email to request that you reply with your password, Social Security 
> number or confidential personal information. For more details visit 
> http://go.vcu.edu/phishing  or 
> http://phishing.vcu.edu .
> 
> ___
> 
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



smime.p7s
Description: S/MIME cryptographic signature

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] KACE false positive

2021-06-11 Thread Douglas Stinnette

Hi  Alain,

Thank you very much!
Doug

On Fri, Jun 11, 2021 at 11:07 AM Alain Zidouemba 
wrote:

> Thanks for reporting. Will be addressed in the next CVD update.
>
> -Alain
>
> On Fri, Jun 11, 2021 at 10:44 AM Douglas Stinnette 
> wrote:
>
>>
>> It has been over a year since there was a wide false positive across
>> ClamAV.
>> "/Library/Application Support/Quest/KACE/bin/klog"
>> "Unix.Malware.Macos-9867919-0 FOUND"
>>
>> I do not recall how to address this. Any suggestions would be great.
>> Thanks,
>> Doug
>> --
>>
>>
>> Douglas Stinnette
>>
>> VCU Technology Services
>>
>> Endpoint Security Specialist
>>
>> Virginia Commonwealth University
>>
>> 827-0933
>>
>>
>>
>> Don't be a phishing victim - VCU and other reputable organizations will
>> never use email to request that you reply with your password, Social
>> Security number or confidential personal information. For more details
>> visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.
>>
>> ___
>>
>> clamav-users mailing list
>> clamav-users@lists.clamav.net
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


-- 


Douglas Stinnette

VCU Technology Services

Endpoint Security Specialist

Virginia Commonwealth University

827-0933



Don't be a phishing victim - VCU and other reputable organizations will
never use email to request that you reply with your password, Social
Security number or confidential personal information. For more details
visit http://go.vcu.edu/phishing or http://phishing.vcu.edu.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] KACE false positive

2021-06-11 Thread G.W. Haywood via clamav-users


Hi there,

On Fri, 11 Jun 2021, Douglas Stinnette wrote:


It has been over a year since there was a wide false positive across ClamAV.
"/Library/Application Support/Quest/KACE/bin/klog"
"Unix.Malware.Macos-9867919-0 FOUND"

I do not recall how to address this. Any suggestions would be great.


Additionally, in the interim before the false positive is addressed by
the ClamAV team and the databases are updated, you can create a file
in your local ClamAV database directory which contains the MD5 hash of
the file which is being incorrectly flagged.

https://docs.clamav.net/manual/Signatures/AllowLists.html

Do make sure that it _is_ a false positive before you do that. :)

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] clamsubmit fails with Authenticity token element not found.

Re: [clamav-users] clamsubmit fails with Authenticity token element not found.

[clamav-users] KACE false positive

Re: [clamav-users] KACE false positive

Re: [clamav-users] KACE false positive

Re: [clamav-users] KACE false positive

Re: [clamav-users] KACE false positive

7 matches

Site Navigation

Mail list logo

Footer information