[clamav-users] ClamScan does how much of this (heuristical analysis/sandboxes)?

To better secure us, would future versions of Clamscan add artificial neural networks (artificial CNS) to virus scanners? Github has lots of FLOSS (Open Source Softwares) simulaters of CNS (at https://github.com/topics/artificial-neural-network , such as https://github.com/Rober-t/apxr_run/ ),

Re: [clamav-users] clamscan exclude-dir on Windows

Hey Steve, thanks, this actually works. Lucky for me I wanted to exclude both Program Files directors, as this actually excludes both, not each on its own. Richard On Sat, Jan 28, 2023, 21:48 Steve Basford via clamav-users < clamav-users@lists.clamav.net> wrote: > On 28 January 2023 16:07:04

Re: [clamav-users] clamscan exclude-dir on Windows

On 28 January 2023 16:07:04 Richard Rosner via clamav-users wrote: Very interesting to know. Sadly that doesn't help. I added --exclude-dir="C:\\PROGRA~2\\" --exclude-dir="C:\\PROGRA~1\\" and tried running in both PowerShell and CMD, no success, it always ends up scanning Program Files.

Re: [clamav-users] clamscan exclude-dir on Windows

of > >> clamav. > >> > >> kind regards, > >> Marc > >> > >> > >> Von / From: Clamav User Mailinglist > >> <mailto:clamav-users@lists.clamav.net > >> <mailto:clamav-users@lists.clamav.net>> > &

Re: [clamav-users] clamscan exclude-dir on Windows

;> > > An / To: Newcomer01 <mailto:newcome...@posteo.de > > <mailto:newcome...@posteo.de>> > > CC / CC: Richard Rosner <mailto:rrosn...@gmail.com > > <mailto:rrosn...@gmail.com>> > > Gesendet / Sent: Samstag, Januar 28,

Re: [clamav-users] clamscan exclude-dir on Windows

d Rosner <mailto:rrosn...@gmail.com     <mailto:rrosn...@gmail.com>>     Gesendet / Sent: Samstag, Januar 28, 2023 um 12:49 (at 12:49 PM) +0100     Betreff / Subject: [clamav-users] clamscan exclude-dir on Windows > Hi, > I'm trying to make a full scan of my PC with cla

Re: [clamav-users] clamscan exclude-dir on Windows

ewcomer01 <mailto:newcome...@posteo.de <mailto:newcome...@posteo.de>> CC / CC: Richard Rosner <mailto:rrosn...@gmail.com <mailto:rrosn...@gmail.com>> Gesendet / Sent: Samstag, Januar 28, 2023 um 12:49 (at 12:49 PM) +0100 Betreff / Subject: [clamav-users] clamscan excl

Re: [clamav-users] clamscan exclude-dir on Windows

the Win Version of > clamav. > > kind regards, > Marc > > > Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net> > An / To: Newcomer01 <mailto:newcome...@posteo.de> > CC / CC: Richard Rosner <mailto:rrosn...@gmail.com> > Gesendet /

Re: [clamav-users] clamscan exclude-dir on Windows

sn...@gmail.com> Gesendet / Sent: Samstag, Januar 28, 2023 um 12:49 (at 12:49 PM) +0100 Betreff / Subject: [clamav-users] clamscan exclude-dir on Windows Hi, I'm trying to make a full scan of my PC with clamscan.exe on Win10. Unfortunately, my C Volume is too big and my PC too slow to finish the

[clamav-users] clamscan exclude-dir on Windows

Hi, I'm trying to make a full scan of my PC with clamscan.exe on Win10. Unfortunately, my C Volume is too big and my PC too slow to finish the scan in a day. So of course when I start it the next day, I want to exclude larger directories that already have been scanned. That works great with some

[clamav-users] clamscan on truncated file reports infection

Our filtering proxy is hitting on the following URL: https://ardownload2.adobe.com/pub/adobe/reader/win/AcrobatDC/2200320263/AcroRdrDCUpd2200320263_MUI.msp *INFECTED* * *DENIED* Virus or bad content detected. Win.Ransomware.Razy-9978545-0 The strange thing is, if I run clamscan on the full

Re: [clamav-users] clamscan tar archive

Hart, Steven A. via clamav-users wrote: Hello all, ClamAV documentation states that tar archives are supported.   I've created a small sample tar archive that includes an eicar sample. Clamscan seems to only look at the tar archive as a single file and does not hit on the eicar sample

[clamav-users] clamscan tar archive

Hello all, ClamAV documentation states that tar archives are supported. I've created a small sample tar archive that includes an eicar sample. Clamscan seems to only look at the tar archive as a single file and does not hit on the eicar sample within. I've tried using the "-a" and

Re: [clamav-users] Clamscan reboots the system

don't know if any fits into memory). From: clamav-users on behalf of G.W. Haywood via clamav-users Sent: Thursday, October 21, 2021 3:01 AM To: ClamAV users ML Cc: G.W. Haywood Subject: Re: [clamav-users] Clamscan reboots the system Hi there, On Wed, 20 Oct 2021, Mehmood, Tariq wrote: I am

Re: [clamav-users] Clamscan reboots the system

G.W. Haywood Subject: Re: [clamav-users] Clamscan reboots the system Hi there, On Wed, 20 Oct 2021, Mehmood, Tariq wrote: > I am running clamscan on imx6q sabresd board which has 1GB of RAM. Even if you only use the 'official' databases, that's not enough RAM. The minimum recommended is 2G

Re: [clamav-users] Clamscan reboots the system

Hi there, On Wed, 20 Oct 2021, Mehmood, Tariq wrote: I am running clamscan on imx6q sabresd board which has 1GB of RAM. Even if you only use the 'official' databases, that's not enough RAM. The minimum recommended is 2GB, see https://docs.clamav.net/ A few months back, I got an OOM killer

[clamav-users] Clamscan reboots the system

Hi, I am running clamscan on imx6q sabresd board which has 1GB of RAM. A few months back, I got an OOM killer while running clamscan which killed the clamscan process. So, as a workaround, I introduced a swap of 2GB which worked and fixed the OOM killer issue. But, now if I create a swap

Re: [clamav-users] clamscan information

On 02.09.21 15:45, Karakanovski, Anton via clamav-users wrote: I am writing regarding more information related to usage of clamscan. First I want to share the problem/observation that we have - currently we try to make three scans at a same time (some kind of performance test using jmeter) but

Re: [clamav-users] clamscan information

Hi there, On Thu, 2 Sep 2021, Karakanovski, Anton via clamav-users wrote: ... we try to make three scans at a same time (some kind of performance test using jmeter) but unfortunately only the first scan is successful and the rests are with code 2 instead of 0. Please tell us more. What

[clamav-users] clamscan information

Hello guys, I am writing regarding more information related to usage of clamscan. First I want to share the problem/observation that we have - currently we try to make three scans at a same time (some kind of performance test using jmeter) but unfortunately only the first scan is successful and

Re: [clamav-users] clamscan: permission denied on many files being used by another process

Hi there, On Tue, 13 Jul 2021, Michael Wang wrote: My question is how I can let clamscan to read a file, as I have shown that even I cannot "more" a file used by another process as administrator. As I explained in my earler reply to you: It's up to you to arrange for the scanner to have

Re: [clamav-users] clamscan: permission denied on many files being used by another process

Michael Wang wrote: I understand "more" is not clamscan, I was just showing that the file in question cannot be opened with clamscan nor with "more" as administrator. I also understand if clamscan cannot read a file, it cannot scan it. My question is how I can let clamscan to read a file, as

Re: [clamav-users] clamscan: permission denied on many files being used by another process

The version I am running is clamav-0.103.3-win-x64-portable.zip from https://www.clamav.net/downloads#otherversions . The advantage of using the portable version is that you do not need to install, but just to use

Re: [clamav-users] clamscan: permission denied on many files being used by another process

Hi there, On Mon, 12 Jul 2021, Michael Wang via clamav-users wrote: I run ClamAV on windows using the latest portable installation with all default configuration. What version of ClamAV, and where did it come from? I run the task scheduler under the SYSTEM user with the highest credentials

[clamav-users] clamscan: permission denied on many files being used by another process

Hello all ClamAV users: I run ClamAV on windows using the latest portable installation with all default configuration. I run the task scheduler under the SYSTEM user with the highest credentials checked, but I still have lots of permission denied messages. I logged in locally and checked one of

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

Hi there, On Tue, 6 Apr 2021, Eddie via clamav-users wrote: After setting up clamav-daemon, I suspect it's having the same issue, based on the 11 minute "stall" part way through the initialisation. Tue Apr  6 16:26:14 2021 -> +++ Started at Tue Apr  6 16:26:14 2021 Tue Apr  6 16:26:14 2021

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

After setting up clamav-daemon, I suspect it's having the same issue, based on the 11 minute "stall" part way through the initialisation. Tue Apr  6 16:26:14 2021 -> +++ Started at Tue Apr  6 16:26:14 2021 Tue Apr  6 16:26:14 2021 -> Received 0 file descriptor(s) from systemd. Tue Apr  6

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

I can go back to bed and sleep.  :-) The only thing that runs on this server is the POP3 proxy code, nothing else.  And freshclam didn't pull any new signatures until after the slowdown started.  And take this with the same grain of salt I used to, when I worked support:  No, nothing was

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

> > But I'd like to understand why, on Sunday morning, the scan time which had > been under a minute per mail, for over 4 months, suddenly jumped to 25 > minutes per mail and has remained at that. It's a good question. Is there any way to reproduce what was happening on Sunday morning? ... and

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

Understood, which is why I'm looking to move to clamdscan. But I'd like to understand why, on Sunday morning, the scan time which had been under a minute per mail, for over 4 months, suddenly jumped to 25 minutes per mail and has remained at that. Cheers. On 4/6/2021 10:39 AM, Richard

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

On 4/6/2021 8:56 AM, Matus UHLAR - fantomas wrote: On 06.04.21 08:43, Eddie via clamav-users wrote: A POP3 proxy program I have running on a Debian 10.8 system, uses clamscan to check incoming e-mails.  At some point in the very early morning (US West Coast time) it suddenly started taking a

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

Clamscan can spend a long time loading signatures, etc. If you run your command with strace (or monitor the process with lsof, etc.) you'll probably see clamscan is busy accessing signature files. On Tue, Apr 6, 2021 at 5:44 PM Eddie via clamav-users < clamav-users@lists.clamav.net> wrote:

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

On 06.04.21 08:43, Eddie via clamav-users wrote: A POP3 proxy program I have running on a Debian 10.8 system, uses clamscan to check incoming e-mails.  At some point in the very early morning (US West Coast time) it suddenly started taking a very long time to scan each mail,  So much that the

Re: [clamav-users] clamscan suddenly taking 25 minutes for a single mail

On Tue, 6 Apr 2021, Eddie via clamav-users wrote: A POP3 proxy program I have running on a Debian 10.8 system, uses clamscan to check incoming e-mails.  At some point in the very early morning (US West Coast time) it suddenly started taking a very long time to scan each mail,  So much that

[clamav-users] clamscan suddenly taking 25 minutes for a single mail

A POP3 proxy program I have running on a Debian 10.8 system, uses clamscan to check incoming e-mails.  At some point in the very early morning (US West Coast time) it suddenly started taking a very long time to scan each mail,  So much that the controlling process would time out before

Re: [clamav-users] clamscan --disable-cache

Hi there, On Wed, 30 Sep 2020, Dave Sill via clamav-users wrote: "G.W. Haywood via clamav-users" wrote: There are ways around that, even if you don't want to run clamdscan (and clamd) as root - which I'd entirely understand. Is --fdpass one of them? And --stream? Any others? No. I'd be

Re: [clamav-users] clamscan --disable-cache

"G.W. Haywood via clamav-users" wrote: > > There are ways around that, even if you don't want to run clamdscan > (and clamd) as root - which I'd entirely understand. Is --fdpass one of them? And --stream? Any others? > >We've got about 3000 Linux systems that we'd like to periodically scan, >

Re: [clamav-users] clamscan --disable-cache

Andrew C Aitchison via clamav-users wrote: > > No. clamD scans data passed to it by clamdscan, usually over a socket or > pipe. Ah... I missed INSTREAM in the clamd man page. Locally, though, surely SCAN/CONTSCAN/etc, are nuch more efficient. And remotely, sending the entire contents of the

Re: [clamav-users] clamscan --disable-cache

On Wed, 30 Sep 2020, Dave Sill via clamav-users wrote: "G.W. Haywood via clamav-users" wrote: In the second scan, how did clamscan manage to do what it claims to have done in the time that it did it? OK, you could have just said that the cache is internal to each invocation of clamscan,

Re: [clamav-users] clamscan --disable-cache

Hi there, On Wed, 30 Sep 2020, Dave Sill via clamav-users wrote: The clamscan man page says: --disable-cache Disable caching and cache checks for hash sums of scanned files. I've looked high and low via google, strace, looking at source code, conducting tests, and I see no

[clamav-users] clamscan --disable-cache

The clamscan man page says: --disable-cache Disable caching and cache checks for hash sums of scanned files. I've looked high and low via google, strace, looking at source code, conducting tests, and I see no sign of caching done by clamscan. Is this on the to-do list? We'd

Re: [clamav-users] clamscan - can the hostname be added to the generated scan summary report

: [clamav-users] clamscan - can the hostname be added to the generated scan summary report ***ATTENTION*** This email originated from outside of the Government of Canada. Do not click links or open attachments unless you recognize the sender and believe the content is safe. For more information

Re: [clamav-users] clamscan - can the hostname be added to the generated scan summary report

Hi there, On Tue, 8 Sep 2020, Leveille, Gerald via clamav-users wrote: I am a fairly new with ClamAV. When I run a scan (ex. clamscan --infected --recursive /home) on a Linux Server, a Scan Summary report is generated, is it possible to add/generate the Host name in the Scan Summary so that

[clamav-users] clamscan - can the hostname be added to the generated scan summary report

Categorization: Unclassified Hi, I am a fairly new with ClamAV. When I run a scan (ex. clamscan --infected --recursive /home) on a Linux Server, a Scan Summary report is generated, is it possible to add/generate the Host name in the Scan Summary so that when looking at the summary I can see

Re: [clamav-users] Clamscan signature scan report

Hello Vaijay, clamscan -z is very usefull for what you need. Example : /ClamAV/bin/./clamscan” -z -d “/Clam/All_sigs/Sigs.ndb” -l “/Clam/sig_report.txt” Le 28/06/2020 à 05:51, Vijay Naidu via clamav-users a écrit : Hello ClamAV users, I occasionally use clamscan to perform signature

[clamav-users] Clamscan signature scan report

Hello ClamAV users, I occasionally use clamscan to perform signature matching. It's a great tool to test the unofficial signatures. However, I only get a report at the end of the cumulative/collated signatures. Is there a way to get a report of individual signature instead of cumulative.

Re: [clamav-users] clamscan vs clamdscan

On Monday 11 May 2020 10:04:34 G.W. Haywood via clamav-users wrote: > Hi there, > > On Sun, 10 May 2020, Paul Kosinski via clamav-users wrote: > > Our email handling is [...snip...] > > Mail system design isn't really the topic for this list, so I won't > comment further on your setup. > > > (You

Re: [clamav-users] clamscan vs clamdscan

Hi there, On Sun, 10 May 2020, Paul Kosinski via clamav-users wrote: Our email handling is [...snip...] Mail system design isn't really the topic for this list, so I won't comment further on your setup. (You might be surprised how much email to made-up user names ... Back in the 1980s I

Re: [clamav-users] clamscan vs clamdscan

On milters: Our email handling is a two stage mechanism. Our rented server at our public IP address is a small, cheap VM (with no ports blocked, of course) which runs Postfix and Apache. There is not enough RAM to also run clamd, so we simply use Postfix's builtin filter mechanisms, like SMTP

Re: [clamav-users] clamscan vs clamdscan

On Sat, 9 May 2020, Paul Kosinski via clamav-users wrote: On our mailserver, we run clamdscan, since mail arrives frequently (!). Citeren "G.W. Haywood via clamav-users" : On a mail server most people would use a milter, e.g. clamav-milter, which is part of the ClamAV package. On 10.05.20

Re: [clamav-users] clamscan vs clamdscan

On Sat, 9 May 2020, Paul Kosinski via clamav-users wrote: On our mailserver, we run clamdscan, since mail arrives frequently (!). On 10.05.20 09:33, G.W. Haywood via clamav-users wrote: On a mail server most people would use a milter, e.g. clamav-milter, which is part of the ClamAV package.

Re: [clamav-users] clamscan vs clamdscan

Dear Iulian , thanks a lot for your answer. That sounds good. So I take it that I can have clamav and clamav-daemon installed at the same time and use either of them. That´s really cool. Thank you again for your confirmation and explanation. There´s just one question remaining which concerns

Re: [clamav-users] clamscan vs clamdscan

Hi there, On Sat, 9 May 2020, iulian stan via clamav-users wrote: It's normal that scanning with clamdscan takes a shorter time than clamscan because the virus databases is already loaded (since it's a daemon) and ready for action. For testing purposes(debugging, etc) you can use clamscan for

Re: [clamav-users] clamscan vs clamdscan

Citeren "G.W. Haywood via clamav-users" : Hi there, On Sat, 9 May 2020, Paul Kosinski via clamav-users wrote: On our mailserver, we run clamdscan, since mail arrives frequently (!). On a mail server most people would use a milter, e.g. clamav-milter, which is part of the ClamAV package.

Re: [clamav-users] clamscan vs clamdscan

Hi there, On Sat, 9 May 2020, Paul Kosinski via clamav-users wrote: On our mailserver, we run clamdscan, since mail arrives frequently (!). On a mail server most people would use a milter, e.g. clamav-milter, which is part of the ClamAV package. The use of milters offers many benefits. It

Re: [clamav-users] clamscan vs clamdscan

Dear Christian, It's normal that scanning with clamdscan takes a shorter time than clamscan because the virus databases is already loaded (since it's a daemon) and ready for action. For testing purposes(debugging, etc) you can use clamscan for all other purposes use clamdscan where you don't

Re: [clamav-users] clamscan vs clamdscan

Hi there, On Sat, 9 May 2020, Christian wrote: ... Is it alright to have  *clamav* and *clamav-daemon* installed alongside each other? So that I can run  either "clamscan somefile"  or  "clamdscan somefile"? You should really have asked that question on a mailing list for your Linux

[clamav-users] clamscan vs clamdscan

Hi altogether, I´ve got a question regarding *clamscan* vs *clamdscan*. My system is Linux/BodhiLinux 5.1.0 in a VM. As antivirus-software I installed *clamav*: /sudo apt-get install clamav clamav-freshclam/ Scanning procedure is good although a bit slow. So in addition to that I installed the

Re: [clamav-users] Clamscan taking a very long time

G.W. Haywood wrote: > It's easier to parse logs with 'grep' than it is to tweak the syslog > rule, but aren't we straying from the subject a little? Your logs > should have timestamps, which will tell you what's taking the time. Nope. I give up. No more clamAV for me. Clearly, I'm not smart

Re: [clamav-users] Clamscan taking a very long time

Hi there, On Mon, 6 Jan 2020, Michael Newman via clamav-users wrote: G.W. Haywood wrote: ... You might want to look into some of the text processing tools available, such as 'grep'. ... No need for debug or grep. ... I haven't been able to find a way to log only errors and not warnings.

Re: [clamav-users] Clamscan taking a very long time

> G.W. Haywood wrote: > So I guess the errors that you're asking about are noted amongst the 7000+ > lines of output of which you have posession. You might want to look > into some of the text processing tools available, such as 'grep'. Using the --quiet option only logs error messages

Re: [clamav-users] Clamscan taking a very long time

Hi there, On Sun, 5 Jan 2020, Michael Newman via clamav-users wrote: On Jan 5, 2020, at 00:00 ,G.W. Haywood wrote: Look at the 'LogVerbose' and 'Debug' directives. The LogVerbose directive seems to do the same thing as the -v parameter with clamscan. All that does is list every file that is

Re: [clamav-users] Clamscan taking a very long time

> On Jan 5, 2020, at 00:00 ,G.W. Haywood wrote: > > > Look at the 'LogVerbose' and 'Debug' directives. The LogVerbose directive seems to do the same thing as the -v parameter with clamscan. All that does is list every file that is checked. It also tells whether or not the file is OK. The

Re: [clamav-users] Clamscan taking a very long time

Hi there, On Sat, 4 Jan 2020, Michael Newman via clamav-users wrote: G.W. Haywood wrote: The OP could try: man clamd.conf I've looked through there and don't find anything about logging errors. Could you help by letting me know what I should change? Look at the 'LogVerbose' and 'Debug'

Re: [clamav-users] Clamscan taking a very long time

Allan Mui wrote: > Are you building with the latest Xcode and brew dependent packages I installed with MacPorts and let MacPorts take care of everything. Al Varnell wrote: > Most error reports involve files that cannot be completely scanned, either > because the user lacks read permission or the

Re: [clamav-users] Clamscan taking a very long time

Hi there, On Fri, 3 Jan 2020, Al Varnell via clamav-users wrote: Logs can be made to display errors, but I’m not on my computer right now, so can’t say off-hand what needs to be changed in order to display them. The OP could try: man clamd.conf -- 73, Ged.

Re: [clamav-users] Clamscan taking a very long time

Sent from my iPad On Jan 2, 2020, at 22:38, Michael Newman via clamav-users wrote: > I’ve searched and looked through the ClamAV documentation but haven’t been > smart enough to find a definition for "Total errors:". Does anyone know what > it means? Most error reports involve files that

Re: [clamav-users] Clamscan taking a very long time

On Jan 3, 2020, at 00:00, G.W. Haywood wrote: > Please define "suddenly". Suddenly means that the scan on December 17th took about two hours: Time: 7569.856 sec (126 m 9 s) and the next scan, on December 24th took about nine hours: Time: 35785.296 sec (596 m 25 s) Both scans used:

Re: [clamav-users] Clamscan taking a very long time

chael Newman<mailto:mgnew...@mac.com> Subject: [clamav-users] Clamscan taking a very long time ClamAV 0.102.1/25679/Mon Dec 30 17:01:01 2019 macOS 10.15.2 Help me figure out why clamscan is suddenly taking so long. An older log file fragment: --- SCAN SUMMARY --- Known viruses: 6613

Re: [clamav-users] Clamscan taking a very long time

Hi there, On Thu, 2 Jan 2020, Michael Newman via clamav-users wrote: ClamAV 0.102.1/25679/Mon Dec 30 17:01:01 2019 macOS 10.15.2 Help me figure out why clamscan is suddenly taking so long. ... Engine version: 0.100.1 Total errors: 1 Time: 8728.307 sec (145 m 28 s) ... Engine version: 0.102.1

[clamav-users] Clamscan taking a very long time

ClamAV 0.102.1/25679/Mon Dec 30 17:01:01 2019 macOS 10.15.2 Help me figure out why clamscan is suddenly taking so long. An older log file fragment: --- SCAN SUMMARY --- Known viruses: 6613648 Engine version: 0.100.1 Scanned directories: 261793 Scanned files: 636746 Infected

[clamav-users] clamscan, fmap errors and --max-filesize

Hi, Longtime user, first-time poster ;) I'm having some issues with trying to get clamscan to skip over some very large files, without running into memory allocation issues. A problem directory looks like this: # ls -alh total 2.6G drwxr-xr-x   2 root root   72 May 22 12:17 . drwxrwxrwt. 12

Re: [clamav-users] clamscan/clamdscan with -z option

Paul, I know what you mean. We had encountered this type of behavior when we were adding the byte-compare signature feature and we initially put in a change (specific to byte-compare) to prevent the 2nd scan from occurring. We ended up reverting that change when we realized that we really

Re: [clamav-users] clamscan/clamdscan with -z option

Hi Micah I can code to handle this but basing handling code  on "appears to behaviour"  is far from an ideal start. The multiple matches on test/clam.mail from the clamav 101.1 sources with  Clamav.Test.File-6 reported twice sure looks like a bug to me. Regards Paul On 14/02/2019 19:46,

Re: [clamav-users] clamscan/clamdscan with -z option

Paul, You may be seeing cases where a signature match of the raw file also matches the file after it has been: * normalized (for html or other text files) * extracted (eg uncompressed archives or archives where compression has little effect) * or otherwise parsed (eg where a signature written

Re: [clamav-users] clamscan/clamdscan with -z option

Paul wrote: Hi I have been looking at using the -z option on either clamdscan or clamscan and stumbled onto some odd behavior. This is with version 101.1. 101.0 also behaves the same. Take 2 paultest-010E110713-000 is constructed from test/clam.mail with the addition of a line of text to

[clamav-users] clamscan/clamdscan with -z option

Hi I have been looking at using the -z option on either clamdscan or clamscan and stumbled onto some odd behavior. This is with version 101.1. 101.0 also behaves the same. Take 1 clamscan -z  ./clamav-0.101.1/test/clam.mail ./clamav-0.101.1/test/clam.mail: Clamav.Test.File-6 FOUND

[clamav-users] clamscan dumpcerts

Hello, I am trying to dump the certificates of a signed PE, but noting is being dumped, the output is simply the scan summary. I went through the list archive but I was not able to find a relevant topic. I also tried dumping the certificate of legitimate files and the results were the same,

Re: [clamav-users] Clamscan crash on Mac OS X - yara rules

ers@lists.clamav.net<mailto:clamav-users@lists.clamav.net>> wrote: From: Al Varnell <alvarn...@mac.com<mailto:alvarn...@mac.com>> Subject: Re: [clamav-users] Clamscan crash on Mac OS X - yara rules Date: May 17, 2018 at 1:27:03 AM EDT To: ClamAV users ML <clamav-users@lists.cla

Re: [clamav-users] Clamscan crash on Mac OS X - yara rules

--- Begin Message --- You almost certainly need to attach it to a ticket at >. I don't see how anybody would be able to make sense of a partial crash report. That being said, it's almost certainly the result of a misconfigured yara

[clamav-users] Clamscan crash on Mac OS X - yara rules

--- Begin Message --- Although clamd is no longer crashing at startup (see thread "Startup crash on MacOS X - version 0.100.0” from about a week ago), I have lots of crash logs for clamscan. It looks like yara rules are the problem again: Application Specific Information: Assertion failed: (sp

Re: [clamav-users] clamscan output

Am 23.04.2017 um 17:20 schrieb Lyle Holmes: Probably simple to resolve. Clamscan sends the results of the daily scan in an email. Results similar to the one below for each directory in /home. Unfortunately clamscan is appending the new results to the prior day's results; making a ridiculously

Re: [clamav-users] clamscan output

Hi there, On Sun, 23 Apr 2017, Lyle Holmes wrote: ... /home ... ... ridiculously long emails ... Since you mentioned '/home', I'm guessing that your operating system isn't a Windows variant. But that still leaves a lot of wiggle-room. For future reference we need to know a lot more about

Re: [clamav-users] clamscan output

On 4/23/2017 10:20 AM, Lyle Holmes wrote: > Probably simple to resolve. Clamscan sends the results of the daily scan > in an email. Results similar to the one below for each directory in > /home. Unfortunately clamscan is appending the new results to the prior > day's results; making a

[clamav-users] clamscan output

Probably simple to resolve. Clamscan sends the results of the daily scan in an email. Results similar to the one below for each directory in /home. Unfortunately clamscan is appending the new results to the prior day's results; making a ridiculously long email. I would like to overwrite the prior

Re: [clamav-users] Clamscan Error

Hi there, On Thu, 5 Jan 2017, A6 wrote: ** ~ $ sudo clamscan -r --bell -i / [snipped two megabytes of garbage] That was silly. -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net

Re: [clamav-users] Clamscan Error

It might also be Apparmor (since it's apparently an Ubuntu derivative). Scott K On January 5, 2017 9:03:54 PM EST, Al Varnell wrote: >Summary shows the current engine 0.99.2. > >LibCLamAV warnings might be lack of RAM. > >-Al- > >On Thu, Jan 05, 2017 at 05:53 PM, Reindl

Re: [clamav-users] Clamscan Error

Summary shows the current engine 0.99.2. LibCLamAV warnings might be lack of RAM. -Al- On Thu, Jan 05, 2017 at 05:53 PM, Reindl Harald wrote: > > you posted a lot of stuff but not the clamav version > the memory errors sounds like it's outdated > > the whole "permission denied" stuff running

Re: [clamav-users] Clamscan Error

you posted a lot of stuff but not the clamav version the memory errors sounds like it's outdated the whole "permission denied" stuff running sudo and so with root-permissions is strange too Am 06.01.2017 um 02:35 schrieb A6: NAME="Linux Mint" VERSION="18.1 (Serena)" ID=linuxmint

Re: [clamav-users] clamscan (NOT clamdscan) log file setup in *.conf file?

Hi there, On Fri, 18 Nov 2016, Noel Jones wrote: Perhaps it would be useful for clamscan to read (some?) options from a config file, or even better from environment variables. Feel free to open a bug report/feature request and make your case. This would be what I'd call 'feature creep'. Any

Re: [clamav-users] clamscan (NOT clamdscan) log file setup in *.conf file?

On 11/18/2016 8:39 AM, Fouts, Christopher wrote: > Thanks. Yes I understand that clamscan is independent from clamdscan > (hence, clamd), but I was hoping for a more consistent behavior between > the two applications. I clamdscan can read the log path from some *.conf > file, why can¹t clamscan do

Re: [clamav-users] clamscan (NOT clamdscan) log file setup in *.conf file?

Thanks. Yes I understand that clamscan is independent from clamdscan (hence, clamd), but I was hoping for a more consistent behavior between the two applications. I clamdscan can read the log path from some *.conf file, why can¹t clamscan do the same? I have no issue using the -l option. Chris

Re: [clamav-users] clamscan (NOT clamdscan) log file setup in *.conf file?

The clamscan tool is a stand-along utility that runs without clamd being installed and and isn't aware of and doesn't use or need any of the clamd or clamdscan configurations. It does read the freshclam.conf file to learn where the signatures are stored. The command line accepts a rich

[clamav-users] clamscan (NOT clamdscan) log file setup in *.conf file?

The docs show the following example when running clamscan (NOT clamdscan) $ clamscan –r –l scan.txt /some_path How can I configure the log file in the /etc/clamd.d/scan.conf file for clamscan, not for clamdscan? I see # Uncomment this option to enable logging. # LogFile must be writable for

Re: [clamav-users] clamscan not obeying the --exclude-dir directives

Hi there, On Tue, 14 Jun 2016, Adam Lininger wrote: I run clamAV on my Mac Book (installed via clamXav). It seems to be not entirely obeying the --exclude and --exclude-dir flags. Mr. Allan makes a valid point. You might try installing ClamAV without using clamXav, then you'll know what

Re: [clamav-users] clamscan not obeying the --exclude-dir directives

Modify the command to allow better logging. Replace -i with -v then view the log to see what is and is not excluded. It is assumed that your command is one long line of text or several lines where the linefeed is escaped with a "\". It should not be necessary to use exclude-dir and exclude

Re: [clamav-users] clamscan not obeying the --exclude-dir directives

Hi Adam, Are you producing that clamscan invocation yourself? If not, and it's coming from something produced by ClamXav, then you should direct your question to the official support channel for ClamXav which can be found at https://www.clamxav.com/contactus Regards Mark > On 14 Jun 2016, at

[clamav-users] clamscan not obeying the --exclude-dir directives

I run clamAV on my Mac Book (installed via clamXav). It seems to be not entirely obeying the --exclude and --exclude-dir flags. I have a directory (/media/binstore) which is an sshfs mount from another server. I want to exclude scanning this directory to avoid excess network traffic. While

Re: [clamav-users] clamscan false positives

Best thing to do is submit them as false positives on ClamAV.net -- Joel Esler iPhone On Mar 17, 2016, at 6:54 AM, Thomas Stein > wrote: Hello Clamav users. Last week i started to check a gentoo distfiles directory with

Re: [clamav-users] clamscan false positives

Am 17.03.16 um 12:01 schrieb Joel Esler (jesler): > Best thing to do is submit them as false positives on > ClamAV.net Thanks for the tipp. Will do so. cheers t. > -- > Joel Esler > iPhone > > On Mar 17, 2016, at 6:54 AM, Thomas Stein >

  1   2   3   4   5   6   >