Re: [clamav-users] Can ClamAV detect LKM rootkits?

2018-12-03 Thread Al Varnell
ClamAV will detect all forms of malware on all platforms that it is aware of. Thousands of samples of existing malware are received by them daily from a variety of sources, none more valuable than users like you. Please submit Adore-ng to . Sent from my iP

[clamav-users] Can ClamAV detect LKM rootkits?

2018-12-03 Thread zhuangxiaohui
Hey guys, I've tested two types of rootkits with ClamAV. Adore-ng(kernel level) & Mafix(application level) Well, virus implanted by Mafix were completedly detected : /usr/bin/md5sum: Unix.Malware.Agent-6005569-0 FOUND /usr/bin/find: Win.Trojan.U-110 FOUND /usr/bin/pstree: Win.Trojan.Rootkit-5

[clamav-users] ClamAV® blog: ClamAV 0.101.0 has been released!

2018-12-03 Thread Joel Esler (jesler)
> > https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html > > > ClamAV 0.101.0 has been released! > > We are pleased to announce the release of ClamAV 0.101.0! Please take a look > at the below release notes

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-03 Thread Dennis Peterson
If it is a big concern you can use the split command to create  "splits" of the suspect file. Split accepts various size arguments (bytes, lines...) and will create as many files as it takes to split the entire large file. These can be scanned individually and discarded when done. There is a ris

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-03 Thread Albert o
Well I just want to be sure that the big files which can't be scanned don't contain viruses... BTW thanks everyone for helping me out On Mon, Dec 3, 2018, 17:21 Noel Jones What kind of giant files are you scanning? Many big files, such as > hard drive/DVD images or "raw" database files, are like

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-03 Thread Noel Jones
What kind of giant files are you scanning? Many big files, such as hard drive/DVD images or "raw" database files, are likely to generate random false positives. -- Noel Jones On 12/3/2018 3:59 AM, Albert o wrote: > Alright thank you. Is there a way to make clamscan do the same? > > On Mon

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-03 Thread Albert o
Alright thank you. Is there a way to make clamscan do the same? On Mon, Dec 3, 2018, 09:18 Al Varnell MaxFileSize 0 disables limiting, but that only applies to clamdscan > scanning. > > Sent from my iPad > > -Al- > > On Dec 2, 2018, at 23:18, Albert o rote: > > What do I need to use in clamd.conf

Re: [clamav-users] Disable MaxFileSize and MaxFileSize to scan the whole system

2018-12-03 Thread Al Varnell
MaxFileSize 0 disables limiting, but that only applies to clamdscan scanning. Sent from my iPad -Al- On Dec 2, 2018, at 23:18, Albert o rote: > > What do I need to use in clamd.conf to scan the maximum possible size? > MaxFileSize 3M > MaxFileSize 3999M > Is this syntax correct? > >> On Mo