Re: [clamav-users] ClamAV on openSUSE Tumbleweed

On 3/18/19 7:02 PM, Micah Snyder (micasnyd) wrote: Hi ellanios82, How often do you update your signature database? How often do you do a scan? Did this slowdown just occur in the last few days, or last couple weeks? I am curious if the slowdown occurred after daily-25380.cdiff (a database

Re: [clamav-users] ClamAV on openSUSE Tumbleweed

On 3/17/19 6:07 PM, J.R. via clamav-users wrote:   - after Downloading daily-25380.cdiff   am getting stuck : just nothing happens It's not really stuck it just takes a lng time to process (people reported over an hour):

Re: [clamav-users] ClamAV on openSUSE Tumbleweed

On 3/17/19 6:07 PM, J.R. via clamav-users wrote:   - after Downloading daily-25380.cdiff   am getting stuck : just nothing happens It's not really stuck it just takes a lng time to process (people reported over an hour):

Re: [clamav-users] ClamAV on openSUSE Tumbleweed

On 3/17/19 6:07 PM, J.R. via clamav-users wrote:   - after Downloading daily-25380.cdiff   am getting stuck : just nothing happens It's not really stuck it just takes a lng time to process (people reported over an hour):

Re: [clamav-users] ClamAV on openSUSE Tumbleweed

On 3/17/19 6:07 PM, J.R. via clamav-users wrote: - after Downloading daily-25380.cdiff am getting stuck : just nothing happens It's not really stuck it just takes a lng time to process (people reported over an hour):

[clamav-users] ClamAV on openSUSE Tumbleweed

Hello List ,  - after Downloading daily-25380.cdiff  am getting stuck : just nothing happens ..  regards ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a

Re: [clamav-users] SpoofedDomain FOUND

On 02/16/17 15:09, Mark Allan wrote: How is it more helpful? Because I gave the answer*and* explained what it did - tremendous : after all , Linux invites ordinary Home Users : NOT just people who know Unix [ i do not : i have zero computer education] . cheers

Re: [clamav-users] SpoofedDomain FOUND

On 02/16/17 15:00, Mark Allan wrote: simply to add 2>&1 to the end of your command, to redirect stderr to stdout. clamscan --debug/home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus >> clamdeb.txt 2>&1 - again thank you for being Really helpful { not

Re: [clamav-users] SpoofedDomain FOUND

On 02/16/17 15:00, Mark Allan wrote: A more helpful answer (which is quicker to type than digging out URLs) is simply to add 2>&1 to the end of your command, to redirect stderr to stdout. - thank you so much { often clever people use lists as platform to show how clever they are} .

Re: [clamav-users] SpoofedDomain FOUND

On 02/16/17 02:59, Al Varnell wrote: I'm afraid it's going to be more trouble than it's worth. You will need to turn debugging on when you scan that mailbox which will produce a huge amount of output, but includes details about exactly what was found. You would then need to search that

Re: [clamav-users] SpoofedDomain FOUND

On 02/16/17 02:59, Al Varnell wrote: Ellan, I'm afraid it's going to be more trouble than it's worth. You will need to turn debugging on when you scan that mailbox which will produce a huge amount of output, but includes details about exactly what was found. You would then need to search

Re: [clamav-users] SpoofedDomain FOUND

On 02/15/17 22:48, Kees Theunissen wrote: On Wed, 15 Feb 2017, ellanios82 wrote: Hello List , scanning my Thunderbird directory , am getting : /home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus: Heuristics.Phishing.Email.SpoofedDomain FOUND /home/user/.thunderbird

[clamav-users] SpoofedDomain FOUND

Hello List , scanning my Thunderbird directory , am getting : /home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus: Heuristics.Phishing.Email.SpoofedDomain FOUND /home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus: copied to '/var/log/clams.infected/bus' How please

Re: [clamav-users] Locky Dridex plan

On 03/26/2016 03:26 PM, C.D. Cochrane wrote: And I am guessing my Linux distro will not just seamlessly move on to 0.99 by itself with an "apt-get update". . - openSUSE have a Rolling Release named "Tumbleweed" https://www.opensuse.org/ .. - believe Tumbleweed

Re: [clamav-users] old stuff from Windows95

On 11/17/2015 12:46 AM, Joel Esler (jesler) wrote: Please submit false positive reports on the website. http://www.clamav.net .. - thanks : did try but failed , due my PC runs Linux : ClamAV webpage RadioButtons stuck : cannot change from Windows to Linux [using Google-Chrome

[clamav-users] old stuff from Windows95

Hello List , - on my Linux desktop PC , i have some old Windows95 stuff still stored : today i see : /var/log/clams.infected/msvcrt20.dll.001: Win.Trojan.Agent-954551 FOUND /var/log/clams.infected/msvcrt20.dll.001: copied to '/var/log/clams.infected/msvcrt20.dll.001.001'

Re: [clamav-users] ClamAV : ON openSUSE 4.1.6-1-desktop 84 bit

On 08/27/2015 11:45 AM, Al Varnell wrote: What were they infected with? If Php.Exploit.CVE_2015_2331-3” then I posted an earlier note to the list that they are almost certainly False Postives. -Al- On Thu, Aug 27, 2015 at 01:40 AM, ellanios82 wrote: Hello List , ClamAV : ON openSUSE 4.1.6

[clamav-users] ClamAV : ON openSUSE 4.1.6-1-desktop 84 bit

Hello List , ClamAV : ON openSUSE 4.1.6-1-desktop 84 bit - incase of interest , my daily run of clamav , today , reports as 'infected' : . 7z.so libexempi.so.3.2.4 libzip.so.4.0.0 7z.so.001 libexempi.so.3.2.4.001 libzip.so.4.0.0.001 7zalibquazip.so.1.0.0

[clamav-users] clamscan : correct syntax : exclude Directory

Hello List my hope is to exclude from clamscan a Bitcoin Directory named /BTC - what please is the correct syntax : --exclude-directory=BTC or --exclude-directory=/BTC ?? . thanks Ellan ___ Help us build a comprehensive

Re: [clamav-users] clamscan : correct syntax : exclude Directory

On 06/12/2014 10:29 PM, Kevin Lin wrote: The --exclude-dir option to clamscan takes a regex argument that tells clamscan to exclude the directories that match the regex. This means that specifying: *--exclude-dir=BTC* will exclude all directories whose absolute path that match BTC (e.g.

Re: [clamav-users] Bitcoin : Chainstate : Virii

On 06/11/2014 01:52 AM, Joel Esler (jesler) wrote: What is your question here? __ - it seems that about 6 to 8 virus signatures have been injected into bitcoin's chainstate, and that they are now probably permanently built into the chainstate : - is this a threat, or, can

Re: [clamav-users] Bitcoin : Chainstate : Virii

On 06/11/2014 09:31 AM, Al Varnell wrote: According to the forum link you gave us you should set your scanner to ignore sst files, which are not executable and cannot catch a virus.” -Al- _ - in case of interest, Carlos Robinson, on the opensuse list, kindly explained :

Re: [clamav-users] Bitcoin : Chainstate : Virii

On 06/11/2014 09:31 AM, Al Varnell wrote: According to the forum link you gave us you should set your scanner to ignore sst files, which are not executable and cannot catch a virus.” -Al- _ - in case of interest, Carlos Robinson, on the opensuse list, kindly explained : It

Re: [clamav-users] Bitcoin : Chainstate : Virii

On 06/11/2014 12:08 PM, Jason Haar wrote: Don't forget, a virus is just a file until you execute it - only then is it really a virus - many thanks ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq

[clamav-users] Bitcoin : Chainstate : clamav today detects 6 infected files with names like : 512719.sst

Hello List - today, clamscan detects 6 bitcoin chainstate files as being infected Dear Alain Zidouemba : may i upload all 6 or do you prefer just two ?? . thanks Ellan ___ Help us build a comprehensive ClamAV

[clamav-users] Bitcoin : Chainstate : clamav today detects 6 infected files with names like : 512719.sst [2]: is BITCOIN a known vector ?

Hello List - seems this is known as Gergana.9 : is BITCOIN a known vector ? ... - today, clamscan detects 6 bitcoin chainstate files as being infected thanks Ellan ___ Help us build a comprehensive ClamAV

[clamav-users] Bitcoin : Chainstate : Virii

Hello List i notice link : https://bitcointalk.org/index.php?topic=574691.0 notice remarks : Just tell your antivirus program to ignore the folder /Users/username/Library/Application Support/Bitcoin This is a huge mistake! Just imagine: a unknown virus download

[clamav-users] - an entry i did not put into /etc/resolv.conf

- in case of interest : - running oSuSE 13.1 tumbleweed, i see in my /etc/resolv.conf : nameserver 192.168.1.254 ___ - this nameserver was not put there by myself : how it got there i know not !! . regards

Re: [clamav-users] - an entry i did not put into /etc/resolv.conf

On 04/12/2014 09:14 PM, Anthony Dickinson wrote: In reality, I would read up on DHCP ... - thank you kindly. regards ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq

[clamav-users] rkhunter : hopefully a false-positive

Hello List - today, clamscan advises that rkhunter is infected : - run on openSuSE 13.01 : rkhunter-1.4.0-8.1.2.x86_64 file permissions : -rw--- 1 root root 491600 Apr 9 11:16 rkhunter .. regards ___ Help us build a

Re: [clamav-users] rkhunter : hopefully a false-positive

- thanks all : have uploaded rkhunter suspect file regards ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

Re: [clamav-users] rkhunter : hopefully a false-positive

On 04/09/2014 07:24 PM, Al Varnell wrote: On Wed, Apr 09, 2014 at 03:29 AM, ellanios82 wrote: - thanks all : have uploaded rkhunter suspect file Please post the MD5 of the file you uploaded here. _ - sadly too late - file deleted. regards

Re: [clamav-users] rkhunter : hopefully a false-positive

On 04/09/2014 07:24 PM, Al Varnell wrote: On Wed, Apr 09, 2014 at 03:29 AM, ellanios82 wrote: - thanks all : have uploaded rkhunter suspect file Please post the MD5 of the file you uploaded here. _ - have re-scanned rkhunter file re-uploaded to http://www.clamav.net/lang/en

[clamav-users] infection alerts from files in bitcoin chainstate

Hello List - in case of interest : have been runing clamscan, daily, on openSUSE 13.1 - today, infection alert received from .bitcoin/chainstate files : ___ 506918.sst 506978.sst 507022.sst 507048.sst 507057.sst _ - is this something new, or, a false-positive ?

[clamav-users] infection alerts from files in bitcoin chainstate [2]

Hello List - in case of interest : have been running clamscan, daily, on openSUSE 13.1 - today, infection alert received from .bitcoin/chainstate files : ___ 507048.sst: Gergana.9 FOUND 506978.sst: Gen.805 FOUND 507058.sst: Chren-4016 FOUND 507057.sst: Italian.1 FOUND 507022.sst: