Hello,
We have detected that ClamAV mirror 217.173.238.34 has outdated signatures
(version 15577).
Cheers,
Jake
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
On 12/12/12 1:14 AM, Jake Bowl wrote:
We have detected that ClamAV mirror 217.173.238.34 has outdated signatures
(version 15577).
I suspect they already know from the status of ClamAV® Database mirrors page
http://www.clamav.net/mirrors.html.
It would appear that clamav.lie-comtel.li in
Tom Kinghorn skrev den 12-12-2012 13:54:
However, it returns malformed database.
might be to much wildcard
try make signature match *.pisem.ru and hope it solves it
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
On 12/12/2012 15:10, Benny Pedersen wrote:
might be to much wildcard
try make signature match *.pisem.ru and hope it solves it
___
Thanks for the response.
The hostname.domainname part is randomized, so it would need to be a
wildcard.
1
On 12/12/2012 15:19, Tom Kinghorn wrote:
_
Thanks for the response.
The hostname.domainname part is randomized, so it would need to be a
wildcard.
1 constant is that the domain part (in this case pisem) always seems
to be 5 letters.
the .tld also changes
On 12/12/2012 15:38, Benny Pedersen wrote:
echo pisem.ru | sigtool --hex-dump hex.1
echo example.org | sigtoo --hex-dump hex.2
join hex.1 and hex.2 into a logical or signature so it is just one
signature, then if there is more toplevel spam domain, add this as one
more hex.x to the logical,
On Wed, Dec 12, 2012 at 4:48 AM, Al Varnell alvarn...@mac.com wrote:
On 12/12/12 1:14 AM, Jake Bowl wrote:
We have detected that ClamAV mirror 217.173.238.34 has outdated
signatures
(version 15577).
I suspect they already know from the status of ClamAV® Database mirrors
page
Hi David
On 10.12.2012 17:03, David Raynor wrote:
So let's try the easiest one first: how big is the file? If you have raised
it past the filescan max size, then default installations will skip it and
report OK.
Any suggestion what i could do about that?
Best regards
Matthias
--
Matthias
Matthias,
What architecture are you running ClamAV on? x86/64, PowerPC, SPARC, etc..?
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Just wanted to make an observation that we've had several reports by ClamXav
users (OS X platform) this week of possible false positives in the Bytecode
area since update 203 on Friday.
On Monday:
BC.Exploit.CVE_2012_2543 http://clamxav.com/BB/viewtopic.php?f=1t=2996
and
Al,
Thanks for the heads up. We received a few FP reports and are addressing
them.
Thanks,
- Alain
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Hello Alain
Am 12.12.2012 18:38, schrieb Alain Zidouemba:
Matthias,
What architecture are you running ClamAV on? x86/64, PowerPC, SPARC, etc..?
SPARC (SunOS 5.10)
Best regards
Matthias
--
Matthias Egger
IT Support Gruppe D-ITET (ISG.EE)
ETH Zürich, ETL F 24.1
Physikstrasse 3
8092 Zürich
+41
Looks like Dr. Web finally got around to uploading Trojan.SMSSend.3666 to
VirusTotal here
https://www.virustotal.com/file/0e8269e425123e3b9a8c7adc94fa5ba5e60f934db3e
b61f43eeebeb40ad21654/analysis/. Dr. Web's write-up is here
http://news.d rweb.com/show/?i=3138. Apple has updated their system
13 matches
Mail list logo