Hi there,
Sorry, I should have spent more time looking into this.
On Fri, 4 Mar 2022, Tuomo Soini via clamav-users wrote:
That is incorrectly detecting it. They must not detect signature in the
middle. That's clearly in specification. Long time ago there was big
discussion about eicar
On Fri, 4 Mar 2022, Tuomo Soini via clamav-users wrote:
On Thu, 3 Mar 2022 22:50:04 -0300
Jorge Elissalde via clamav-users wrote:
Hi,
The weird part is that Avira and other Antivirus correctly are able to
detect EICAR in any case, having other characters before and/or after
the EICAR
On Thu, 3 Mar 2022 22:50:04 -0300
Jorge Elissalde via clamav-users wrote:
> Hi,
>
> The weird part is that Avira and other Antivirus correctly are able to
> detect EICAR in any case, having other characters before and/or after
> the EICAR string.
That is incorrectly detecting it. They must not
Hi,
The weird part is that Avira and other Antivirus correctly are able to
detect EICAR in any case, having other characters before and/or after the
EICAR string.
Thank you,
El jue, 3 mar 2022 a las 12:27, Tuomo Soini via clamav-users (<
clamav-users@lists.clamav.net>) escribió:
> On Wed, 2
Hi there,
On Thu, 3 Mar 2022, G.W. Haywood wrote:
... Perhaps you can post the output of 'clamconf -n' ...
On Thu, 3 Mar 2022, Kris Deugau wrote:
...
There are quite the proliferation of hash signatures, but ...
The only one that would match within a larger
file or datastream is the
On Wed, 2 Mar 2022 12:35:40 -0300
Jorge Elissalde via clamav-users wrote:
> Hi,
>
> I'm using clamd to make a large data scanning using INSTREAM (data it
> is not available as files I could send to clamd). If I send only one
> INSTREAM chunk with EICAR inside it is correctly detected, but if I
Jorge Elissalde via clamav-users wrote:
Thank you for your answer.
I'm using Windows clamd release 0.104.2
I have double checked with wireshark and the data sent is ok.
suppose I just send: char *eicarTest =
"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
Result is ok:
Hi there,
On Wed, 2 Mar 2022, Jorge Elissalde via clamav-users wrote:
I'm using clamd to make a large data scanning using INSTREAM ...
If I send only one INSTREAM chunk with EICAR inside it is correctly
detected, but if I send several chunks plus EICAR string, it is not
...
char *eicarTest =
Hi,
I'm using clamd to make a large data scanning using INSTREAM (data it is
not available as files I could send to clamd). If I send only one INSTREAM
chunk with EICAR inside it is correctly detected, but if I send several
chunks plus EICAR string, it is not detected.
Example:
char *eicarTest