Re: [Clamav-users] Re: Worm.Mytob
Samuel Benzaquen wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of René Berber Sent: Wednesday, June 08, 2005 4:00 PM To: clamav-users@lists.clamav.net Subject: [Clamav-users] Re: Worm.Mytob Pavel R. Levashov wrote: I have a mail server (sendmail on RedHat 7.3) with clamav antivirus (clamd version 0.85.1, clamav-milter version 0.85). Clamd updates its antivirus bases regularly, clamav-milter catches all viruses except one: Worm.Mytob. This virus is transparent for clamav-milter. The surprise is that ClamWin 0.85.1 on Windows XP finds this virus at once. Could you give me a piece of advise what is the reason of such behavior? Below are pieces of log files on RedHat Linux 7.3 from freshclam.log: -- Received signal: wake up ClamAV update process started at Wed Jun 8 22:33:09 2005 main.cvd is up to date (version: 32, sigs: 34720, f-level: 5, builder: tkojm) daily.cvd is up to date (version: 921, sigs: 753, f-level: 5, builder: diego) -- Are you using clamav-milter with or without clamd? If you are using it with clamd then you should add (uncomment really) NotifyClamd in your freshclam.conf . This may only solve the problem if clamd has been running a long time but not refreshing the database (since freshclam is not telling it to do it). Nevertheless, clamd's SelfCheck would have reloaded the new database if it has been written to the right directory. You can check the running version sending the VERSION command to clamd's socket. You could be ommiting some option on clamd's conf. Is it with all Mytob sigs or some specific sigs ? -Samuel ___ http://lurker.clamav.net/list/clamav-users.html Thank you very much for your advice. The reason was in misconfiguration of the clamd daemon. Best wishes, Pavel Levashov ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Worm.Mytob
Hi all, Please help me to solve the following problem. I have a mail server (sendmail on RedHat 7.3) with clamav antivirus (clamd version 0.85.1, clamav-milter version 0.85). Clamd updates its antivirus bases regularly, clamav-milter catches all viruses except one: Worm.Mytob. This virus is transparent for clamav-milter. The surprise is that ClamWin 0.85.1 on Windows XP finds this virus at once. Could you give me a piece of advise what is the reason of such behavior? Below are pieces of log files on RedHat Linux 7.3 from freshclam.log: -- Received signal: wake up ClamAV update process started at Wed Jun 8 22:33:09 2005 main.cvd is up to date (version: 32, sigs: 34720, f-level: 5, builder: tkojm) daily.cvd is up to date (version: 921, sigs: 753, f-level: 5, builder: diego) -- on Windows XP: -- ClamAV update process started at Wed Jun 8 22:13:53 2005 main.cvd updated (version: 32, sigs: 34720, f-level: 5, builder: tkojm) daily.cvd updated (version: 921, sigs: 753, f-level: 5, builder: diego) Database updated (35473 signatures) from database.clamav.net (IP: 213.184.16.3) Thank you in advance, Pavel Levashov ___ http://lurker.clamav.net/list/clamav-users.html
