Re: [clamav-users] Detected Email.Phishing.VOF1-6295284-0 in several emails - False positive??

On Mon, 24 Apr 2017 04:22:39 -0700 Al Varnell wrote: > And Email.Phishing.VOF1-6295446-0 was dropped in daily 23325, so after > running freshclam you should not be seeing either of these. > > -Al- > > On Mon, Apr 24, 2017 at 03:59 AM, Gene Heskett wrote: > > > > On Monday

Re: [clamav-users] clamscan output

Am 23.04.2017 um 17:20 schrieb Lyle Holmes: Probably simple to resolve. Clamscan sends the results of the daily scan in an email. Results similar to the one below for each directory in /home. Unfortunately clamscan is appending the new results to the prior day's results; making a ridiculously

Re: [clamav-users] clamscan output

Hi there, On Sun, 23 Apr 2017, Lyle Holmes wrote: ... /home ... ... ridiculously long emails ... Since you mentioned '/home', I'm guessing that your operating system isn't a Windows variant. But that still leaves a lot of wiggle-room. For future reference we need to know a lot more about

Re: [clamav-users] Mirror problem

I’ve created a ticket for removal for our operations team. -- Joel Esler | Talos: Manager | jes...@cisco.com On Apr 20, 2017, at 2:48 PM, Ted Hatfield > wrote: On Thu, 20 Apr 2017, Kristen R. wrote: On 4/20/17 7:42 AM, Dennis

Re: [clamav-users] Mirror problem

Thanks Ted. -- Joel Esler | Talos: Manager | jes...@cisco.com On Apr 20, 2017, at 2:48 PM, Ted Hatfield > wrote: On Thu, 20 Apr 2017, Kristen R. wrote: On 4/20/17 7:42 AM, Dennis Peterson wrote: Anyone else seeing this?

Re: [clamav-users] ClamAV for EnterPrise

0.99.3 is coming, it’s under active development now. As far 3rd party signatures, we are happy to accept any, and all 3rd party signature databases that which to be included in the official set (there is at least one now (http://www.clamav.net/contact#partners) with another two that are

Re: [clamav-users] Detected Email.Phishing.VOF1-6295284-0 in several emails - False positive??

And Email.Phishing.VOF1-6295446-0 was dropped in daily 23325, so after running freshclam you should not be seeing either of these. -Al- On Mon, Apr 24, 2017 at 03:59 AM, Gene Heskett wrote: > > On Monday 24 April 2017 04:57:37 D wrote: > >> This was detected on Friday night and one email was

Re: [clamav-users] Detected Email.Phishing.VOF1-6295284-0 in several emails - False positive??

On Monday 24 April 2017 04:57:37 D wrote: > This was detected on Friday night and one email was dated in 2012. > > Previous week's scan was clean. Scans 2 days old were fine. But I've 2 more hits on old messages from the Email.Phishing.VOF1-6295446-0 in a different folder. > Could this be a

Re: [clamav-users] Signature analysis

Use: sigtool --find Non-hash signatures can be further interpreted using: sigtool --find |sigtool --decode-sigs Some of the newer signature formats are not fully decoded and I've been told that ByteCode signature results do not completely describe them. -Al- On Mon, Apr 24, 2017 at 02:25

[clamav-users] Signature analysis

Hello, Is there a way to see what a signature is specifically looking for (like when clamav-du[.]securesites[.]net/cgi-bin/clamgrok was operational?) Since it went down I haven’t been able to find something similar. I have received an alert about BC.Win.Exploit.CVE_2017_0060-6099223-1, but

Re: [clamav-users] Detected Email.Phishing.VOF1-6295284-0 in several emails - False positive??

I guess you must have missed that discussion here beginning on Friday. That signature was dropped in daily 23321. -Al- On Mon, Apr 24, 2017 at 01:57 AM, D wrote: > > This was detected on Friday night and one email was dated in 2012. > > Previous week's scan was clean. > > Could this be a

[clamav-users] Detected Email.Phishing.VOF1-6295284-0 in several emails - False positive??

This was detected on Friday night and one email was dated in 2012. Previous week's scan was clean. Could this be a false positive? David ___ clamav-users mailing list clamav-users@lists.clamav.net