Re: [clamav-users] False Positive not being corrected

2013-12-11 Thread Joel Esler (jesler)
On Dec 11, 2013, at 6:12 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Wed, Dec 11, 2013 at 02:19 AM, Andrew Carter wrote: I have submitted a file several times (email and Excel attachment) to be corrected at http://www.clamav.net/lang/en/sendvirus/submit-fp/ however this is still being m

Re: [clamav-users] lost

2013-12-17 Thread Joel Esler (jesler)
What is this “daily interruption of Console” that you are referring to? Can you give us a screenshot or something so we can reference? Also, ClamXav is probably one of the best GUI clients for ClamAV that I’ve seen so far. -- Joel Esler Intelligence Lead Open Source Manager Vulnerability Resea

Re: [clamav-users] some questions about malware statistics

2013-12-23 Thread Joel Esler (jesler)
> On Dec 23, 2013, at 10:58, "黄海涛" wrote: > > 1.http://www.clamav.net/rss/clamsigs-top10.rss, what's statistical duration? > one month? Not sure. This was left over from the old ClamAV team and we haven't redone it yet. Yes, we have plans to. > 2.can I get all rankings but not top 10. >

Re: [clamav-users] 0.98-exp / LibClamAV Warning

2013-12-23 Thread Joel Esler (jesler)
> On Dec 23, 2013, at 11:23, "gin(e)" wrote: > > But why "file" programm doesn't say that? I have pasted the output for > that reason. File only looks at certain parts of a file to determine the type of file. For flash it only has to look at the first three characters of the file. _

Re: [clamav-users] Debian packaging

2013-12-23 Thread Joel Esler (jesler)
> On Dec 17, 2013, at 5:28, "Simon Hobson" wrote: > > Well since no-one's come back with something like "the package maintainer's > gone AWOL" or similar, I'll keep bumping that bug ticket. Does seem strange, > I don't recall such a long delay in the past. > Updating from source isn't really a

Re: [clamav-users] ClamAV v0.98.1

2014-01-15 Thread Joel Esler (jesler)
Thanks Steve. I was having an email issue yesterday and my announcement email was stuck in the queue. -- Joel Esler Intelligence Lead Open Source Manager Vulnerability Research Team On Jan 15, 2014, at 8:07 AM, Steve Basford mailto:steveb_cla...@sanesecurity.com>> wrote: Looks like 0.98.1 is

Re: [clamav-users] Virus update notices from month's ago.

2014-01-15 Thread Joel Esler (jesler)
Rick, That was me. There were a bunch stuck in the queue, and I cleared it out. Sorry about that. On Jan 15, 2014, at 1:31 PM, Rick Macdougall wrote: > Hi, > > I'm getting all sorts of virus update notifications that are months old and > huge in size. > > Headers for one at http://pasteb

[clamav-users] Vote for ClamAV as the Sourceforge Project of the Month!

2014-01-21 Thread Joel Esler (jesler)
Sourceforge has fired up their monthly "Project of the Month" process again, and they were kind enough to choose ClamAV for this months vote! You can read more about the process on their blog post here: https://sourceforge.net/blog/revival-of-weekly-featured-projects-and-project-of-the-month-vot

Re: [clamav-users] request for feature

2014-02-02 Thread Joel Esler (jesler)
Because these are two separate systems. In two different parts of the network. We haven't consolidated everything that we took over when the original clam team left yet. -- Joel Esler Sent from my iPhone > On Jan 31, 2014, at 14:59, "Gene Heskett" wrote: > > On Friday 31 January 2014 14:5

Re: [clamav-users] request for feature

2014-02-02 Thread Joel Esler (jesler)
On Feb 2, 2014, at 9:39 AM, Gene Heskett mailto:ghesk...@wdtv.com>> wrote: On Sunday 02 February 2014 09:37:59 Joel Esler (jesler) did opine: Because these are two separate systems. In two different parts of the network. We haven't consolidated everything that we took over when t

[clamav-users] ClamAV®: ClamAV Mailing List Maintenance, Monday, February 10th, 2014

2014-02-06 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/02/clamav-mailing-list-maintenance-monday.html ClamAV Mailing List Maintenance, Monday, February 10th, 2014 This notice is for the members of the ClamAV mailing lists found here: http://lists.clamav.net/mailman/listinfo/clamav-users On Monday, February 10th, 2014 s

Re: [clamav-users] [Clamav-announce] ClamAV®: ClamAV Mailing List Maintenance, Monday, February 10th, 2014

2014-02-07 Thread Joel Esler (jesler)
On Feb 6, 2014, at 8:19 PM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 2/6/14, 3:12:09PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/02/clamav-mailing-list-maintenance-monday.html ClamAV Mailing List Maintenance, Monday, February 10th, 2014 This notice is f

[clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-02-26 Thread Joel Esler (jesler)
On Friday last week I put a blog post up about introducing OpenSSL into the ClamAV ecosystem. I wanted to make sure everyone saw it, so please have a look at the blog post here: http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html -- Joel Esler | Threat Intelligence Team Le

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-02-28 Thread Joel Esler (jesler)
On Feb 28, 2014, at 7:34 AM, Shawn Webb mailto:sw...@sourcefire.com>> wrote: On Fri, Feb 28, 2014 at 10:27 AM, Mark Allan mailto:markjal...@blueyonder.co.uk>>wrote: As this is first time ClamAV has had an external dependency, would it be worth making it an opt-out configure option for people wh

Re: [clamav-users] as unsubscribe from list ?

2014-03-03 Thread Joel Esler (jesler)
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Bottom of the page. -- Joel Esler | Threat Intelligence Team Lead | Open Source Manager | Vulnerability Research Team On Mar 3, 2014, at 9:06 AM, Erwin Castillo wrote: thanks ___ Help us

[clamav-users] Snort.org Blog: Open Source Community Webinar

2014-03-12 Thread Joel Esler (jesler)
http://blog.snort.org/2014/03/open-source-community-webinar.html Open Source Community Webinar Open Source community, First off, we’d like to thank everyone for their continued use of our projects and products here at Sourcefire, now a part of Cisco. We love making great software, and we lo

[clamav-users] ClamAV®: ClamAV 0.95 Engine End of Life Announcement

2014-03-28 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/03/clamav-095-engine-end-of-life.html ClamAV 0.95 Engine End of Life Announcement ClamAV Community, This notice is to inform you that effective immediately ClamAV 0.95 (and all minor versions) is no longer supported in accordance with ClamAV's EOL policy which can b

Re: [clamav-users] Mass sample submission

2014-04-05 Thread Joel Esler (jesler)
Bohdan, I'd be glad to set you up with a submission method. I'll email you separately offlist. -- Joel Esler Sent from my iPhone > On Apr 5, 2014, at 5:53, "Bohdan Turkynewych" wrote: > > Hi everyone, > > I have up to several thousand already detected malware samples each day > that are not

Re: [clamav-users] git repository

2014-04-11 Thread Joel Esler (jesler)
On Apr 11, 2014, at 3:14 AM, Steve Basford mailto:steveb_cla...@sanesecurity.com>> wrote: Dear all, I the past - before the latest takeover - I used the git repository to keep track of updates and/or other changes. I notice that since the latest takeover the git repository only is used when a n

[clamav-users] ClamAV®: ClamXAv in the top ten free Apps in the Mac OSX App Store!

2014-04-23 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/04/clamxav-in-top-ten-free-apps-in-mac-osx.html ClamXAv in the top ten free Apps in the Mac OSX App Store! Congratulations to Mark Allan, developer of the ClamXav project (the OSX GUI front-end to ClamAV) for making the top ten list in the fr

[clamav-users] ClamAV®: ClamAV 0.98.2 has been released!

2014-05-06 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/05/clamav-0982-has-been-released.html ClamAV 0.98.2 has been released! ClamAV 0.98.2 has been released, and is available here: http://sourceforge.net/projects/clamav/files/clamav/0.98.2/, below are the highlighted changes and fixes from this release! 0.98.2 --

[clamav-users] ClamAV 0.98.2

2014-05-06 Thread Joel Esler (jesler)
ClamAV Community, As some of you may have noticed, ClamAV 0.98.2 has been pulled down from the site temporarily due to unforeseen issues. More news will be forthcoming and it should be fixed soon. Thanks for your patience in the meantime. -- Joel Esler Open Source Manager Threat Intelligence

[clamav-users] ClamAV®: ClamAV 0.98.3 has been released!

2014-05-07 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/05/clamav-0983-has-been-released.html ClamAV 0.98.3 has been released, and is available here: http://sourceforge.net/projects/clamav/files/clamav/0.98.3/, below are the highlighted changes and fixes from this release! 0.98.3 -- Here are the new features and im

Re: [clamav-users] Clamav is not finding any viruses

2014-05-09 Thread Joel Esler (jesler)
We exchange samples with many groups, companies, and people. Bringing in over 650,000 unique samples a day. Which highlights the "understaffed" issue. -- Joel Esler Sent from my iPhone > On May 9, 2014, at 4:59, "Al Varnell" wrote: > > Thorvald, > > Just another user here, but I don’t und

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-09 Thread Joel Esler (jesler)
On May 8, 2014, at 12:00 PM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 5/8/14, 8:23 AM, Shawn Webb wrote: Hey Martin, Is there a way you can get to me main.cvd.broken? I'm wondering if the change to OpenSSL for hashing has somehow changed parsing CVDs and CLDs on big-endian machines

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-09 Thread Joel Esler (jesler)
On May 8, 2014, at 12:50 PM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 5/8/14, 9:00 AM, Dennis Peterson wrote: On 5/8/14, 8:23 AM, Shawn Webb wrote: Hey Martin, Is there a way you can get to me main.cvd.broken? I'm wondering if the change to OpenSSL for hashing has somehow changed p

Re: [clamav-users] Support question.

2014-05-12 Thread Joel Esler (jesler)
On May 12, 2014, at 2:57 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Mon, May 12, 2014 at 11:41 AM, J MCN wrote: Hello, I am writing with a question about the EOL policy here: https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-eol.md I have a few 0.97.7 instances still out ther

Re: [clamav-users] clamav-0.98.3 make error Mac OSX 10.5.8

2014-05-12 Thread Joel Esler (jesler)
On May 12, 2014, at 3:08 PM, Gary mailto:o...@ibsltd.ca>> wrote: I have been using ClamAV for years and never had any issues!! Oh well... - a good run indeed. Mac OSX 10.5.8 You realize that Apple’s support for that OS ended, probably 4 years ago? -- Joel Esler Open Source Manager Threat Intel

[clamav-users] ClamAV®: ClamAV 0.98.4rc1 is now available!

2014-05-16 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/05/clamav-0984rc1-is-now-available.html ClamAV 0.98.4rc1 is now available for download. Shown below are the notes concerning this release: 0.98.4rc1 -- ClamAV 0.98.4 is a bug fix release. The following issues are now resolved: - Various build problems on Solar

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-16 Thread Joel Esler (jesler)
On May 13, 2014, at 4:24 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Tue, May 13, 2014 at 01:04 AM, James Lee wrote: (Please don't top post.) Please leave moderation functions to the moderators. There could possibly be a rule preventing it, but I’m unaware of any and there are example

Re: [clamav-users] ClamAv updates not being published properly?

2014-05-28 Thread Joel Esler (jesler)
Thanks all. We'll take a look! -- Joel Esler Sent from my iPhone > On May 28, 2014, at 6:34, "Jim Popovitch" wrote: > > On Wed, May 28, 2014 at 4:39 AM, Randal, Phil > wrote: >> Oops, left off the latest version of patterns - 19041, allegedly, yet we're >> stuck on 19037. > > Same here. DNS

Re: [clamav-users] Bitcoin : Chainstate : Virii

2014-06-10 Thread Joel Esler (jesler)
Thanks Ellan. What is your question here? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team On Jun 10, 2014, at 10:49 AM, ellanios82 mailto:ellanio...@gmail.com>> wrote: Hello List i notice link : https://bitcointalk.org/index.php?topic=574691.0 .

Re: [clamav-users] Bitcoin : Chainstate : Virii [SEC=UNOFFICIAL]

2014-06-10 Thread Joel Esler (jesler)
From: clamav-users-boun...@lists.clamav.net > [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler > (jesler) > Sent: Wednesday, 11 June 2014 8:52 AM > To: ClamAV users ML > Subject: Re: [clamav-users] Bitcoin : Chainstate : Virii > > Thanks Ellan. &g

[clamav-users] ClamAV®: ClamAV 0.98.4 has been released!

2014-06-16 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/06/clamav-0984-has-been-released.html ClamAV 0.98.4 has been released! The ClamAV team is pleased to announce the release of ClamAV 0.98.4! Below are the release notes for 0.98.4: 0.98.4 -- ClamAV 0.98.4 is a bug fix release. The following issues are now reso

Re: [clamav-users] FN with unknown virus attachment

2014-06-21 Thread Joel Esler (jesler)
Thanks Alex, We'll have a look. -- Joel Esler Sent from my iPhone > On Jun 21, 2014, at 9:00, "Alex" wrote: > > Hi, > I'm using clamav-0.98.4 on fedora20 with the sanesecurity and safebrowsing > sigs and still seeing an unknown virus pass through our systems. I've > submitted it to the clama

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Joel Esler (jesler)
Always, as a reminder, we have the ClamAV Community sigs list, which anyone in the world can submit signatures to us, which we’ll put through the system and they’ll go out in the official list. http://blog.clamav.net/2014/02/introducing-clamav-community-signatures.html -- Joel Esler Open Source

Re: [clamav-users] Bad detection rate

2014-06-24 Thread Joel Esler (jesler)
On Jun 24, 2014, at 11:01 AM, Bowie Bailey mailto:bowie_bai...@buc.com>> wrote: On 6/24/2014 9:53 AM, Walter Bürger wrote: Hi dear ClamAV team, I submitted the same file as yesterday to virustotal.com: Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe (MD5 a

Re: [clamav-users] Bad detection rate

2014-06-25 Thread Joel Esler (jesler)
> On Jun 25, 2014, at 1:40, "Dennis Peterson" wrote: > >> On 6/24/14, 9:16 PM, Al Varnell wrote: >> That’s certainly a valid question and deserves a ClamAV® answer, but I’ll >> throw this comment out. >> >> The signature team has always been overwhelmed by the number of new samples >> it rece

Re: [clamav-users] Bad detection rate

2014-06-25 Thread Joel Esler (jesler)
On Jun 25, 2014, at 2:34, "Al Varnell" wrote: >> Tue, Jun 24, 2014 at 10:40 PM, Dennis Peterson wrote: >> >> It wouldn't hurt to have a youtube video that shows admins how to generate >> simple day 0 check sum sigs that they can deploy locally while waiting for a >> Cisco/SourceFire signature

Re: [clamav-users] Bad detection rate

2014-06-25 Thread Joel Esler (jesler)
> On Jun 25, 2014, at 0:17, "Al Varnell" wrote: > > The signature team has always been overwhelmed by the number of new samples > it receives every day and even though the team is bigger today, so is the > input. Right. We have several people working on malware full time. But we receive well

Re: [clamav-users] Malformed database?

2014-06-25 Thread Joel Esler (jesler)
> On Jun 25, 2014, at 5:22, "Steve Basford" > wrote: > > >> On Wed, June 25, 2014 9:57 am, Paul Smith wrote: >> Using ClamAV 0.97.2, since yesterday's update Freshclam gives this when >> trying to download a fresh database: > > Hi Paul, > > Much newer binaries here (0.98.4), does it work ok

Re: [clamav-users] Malformed database?

2014-06-25 Thread Joel Esler (jesler)
On Jun 25, 2014, at 7:15 AM, Paul Smith mailto:p...@pscs.co.uk>> wrote: Oh? The FAQ says that the latest two major versions (0.97 and 0.98 ?) are tested against the DB, so it should work as far as I can see. You’re right. I’m sorry. My brain must have transposed “0.97.2” to “0.92.7” ___

Re: [clamav-users] Bad detection rate

2014-06-25 Thread Joel Esler (jesler)
On Jun 25, 2014, at 4:23 AM, Walter Bürger wrote: > bestellung_9AF6AAE4.exe > (MD5 186a1745b54467fa168309da93960df4) > 18 out of 54 scanners detected a trojan > (F-Secure named it Trojan.Injector.AWD) > but ClamAV did not detect it. > > I submitted both files to > http://www.clamav.net/lang/en/s

Re: [clamav-users] Reporting false positives fails

2014-07-01 Thread Joel Esler (jesler)
Thank you for brining it to our attention Michael, I’ll take a look. On Jun 27, 2014, at 1:49 PM, Michael Graham wrote: > I think google is linking to an old version of the page. > > I googled "clamav report" and clicked the top link: > http://cgi.clamav.net/sendvirus.cgi > > But if I got to t

Re: [clamav-users] Win.Trojan.Zwangi-432 / Osx.Exploit.CVE_2006_0848 / PHP.Shell-29

2014-07-08 Thread Joel Esler (jesler)
> On Jul 8, 2014, at 5:11, "DUCARROZ Birgit" wrote: > > Platform: You mean the platform where clamav is installed, not the platform > the virus is for, just? Yes. The platform where ClamAV is. > What do you mean I must attach with "raw message"? The output of the > virus-scan? Or the file

[clamav-users] ClamAV®: ClamAV 0.98.5 beta has been posted!

2014-07-08 Thread Joel Esler (jesler)
ClamAV 0.98.5 beta has been posted! The ClamAV team is proud to announce the availability of ClamAV 0.98.5 beta ready for testing! http://blog.clamav.net/2014/07/clamav-0985-beta-has-been-posted.html -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team ___

[clamav-users] ClamAV®: Compiling OpenSSL For Windows

2014-07-09 Thread Joel Esler (jesler)
Compiling OpenSSL For Windows In order to support more advanced features planned in future releases, ClamAV has switched to using OpenSSL for hashing. The ClamAV Visual Studio project included with ClamAV's source code requires the OpenSSL distributables to be placed in a specific directory. T

[clamav-users] ClamAV®: ClamAV 0.96 Engine End of Life Announcement

2014-07-29 Thread Joel Esler (jesler)
> http://blog.clamav.net/2014/07/clamav-096-engine-end-of-life.html > > ClamAV 0.96 Engine End of Life Announcement > > ClamAV Community, > > This notice is to inform you that effective immediately ClamAV 0.96 (and all > minor versions) is no longer supported in accordance with ClamAV's EOL po

Re: [clamav-users] false positive sample

2014-08-25 Thread Joel Esler (jesler)
On Aug 22, 2014, at 8:24 PM, Dan McDaniel mailto:d...@dm3.us>> wrote: On Fri 22.Aug.14 15:36, Al Varnell wrote: On Aug 22, 2014, at 3:26 PM, Dan McDaniel mailto:d...@dm3.us>> wrote: I submitted a false positive awhile ago -- probably back in May. It hasn't been fixed yet. Should I submit it agai

Re: [clamav-users] false positive sample

2014-08-25 Thread Joel Esler (jesler)
On Aug 22, 2014, at 6:44 PM, Daniel Quintiliani mailto:d...@runbox.com>> wrote: On Fri, 22 Aug 2014 18:26:37 -0400, Dan McDaniel mailto:d...@dm3.us>> wrote: I submitted a false positive awhile ago -- probably back in May. It hasn't been fixed yet. Should I submit it again? Also, on the web for

Re: [clamav-users] false positive sample

2014-08-25 Thread Joel Esler (jesler)
On Aug 25, 2014, at 12:56 PM, G.W. Haywood mailto:cla...@jubileegroup.co.uk>> wrote: Hi there, On Mon, 25 Aug 2014, it was difficult to figure out who wrote: Good thing I only use Linux now, where the effectiveness of antivirus software isn't too important. I just wish ClamAV developers were mo

[clamav-users] ClamAV®: The new ClamAV.net is here!

2014-08-26 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/08/the-new-clamavnet-is-here.html For the past several months we've been working diligently on a complete refresh of several Open Source websites, designs and logos. The first website we rolled out a refresh of was Snort.org back in June. At the s

Re: [clamav-users] False positive for sure

2014-09-03 Thread Joel Esler (jesler)
That's a PUA alert. That's not on by default. -- Joel Esler Sent from my iPhone > On Sep 3, 2014, at 6:40, "Gene Heskett" wrote: > > Greetings; > > This report from last nights clamscan is absolutely a false positive: > /home/gene/Downloads/Download/DriveWire4_linux_i386.tar.gz: > PUA.Mis

Re: [clamav-users] ClamAV®: The new ClamAV.net is here!

2014-09-03 Thread Joel Esler (jesler)
clamav-0.98.4-win32.msi which > isn't very useful for an of my unix flavors. > > On 8/31/2014 6:35 AM, Alessandro Vesely wrote: >> On Tue 26/Aug/2014 20:56:27 +0200 Joel Esler (jesler) wrote: >>> >>> http://blog.clamav.net/2014/08/the-new-clamavnet-is-here.

Re: [clamav-users] Where can I download the daily.cvd and main.cvd files

2014-09-09 Thread Joel Esler (jesler)
On Sep 9, 2014, at 1:44 PM, Leonardo Rodrigues mailto:leolis...@solutti.com.br>> wrote: On 09/09/14 14:28, McCarthy, John D. wrote: A million thanks. This is what I needed. Many of my systems do not connect to the internet. This should be noted in an obvious place on the webpage where users

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
On Sep 11, 2014, at 5:10 AM, Tommy Berglund mailto:to...@fam-berglund.eu>> wrote: Den 2014-09-11 09:59, Al Varnell skrev: On Thu, Sep 11, 2014 at 12:27 AM, Tommy Berglund wrote: I always get these warnings and it is always ip 192.121.13.5 Any way to avoid these warnings? That mirror appear to

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
On Sep 11, 2014, at 7:15 AM, Gene Heskett mailto:ghesk...@wdtv.com>> wrote: On Thursday 11 September 2014 05:10:52 Tommy Berglund did opine And Gene did reply: Den 2014-09-11 09:59, Al Varnell skrev: On Thu, Sep 11, 2014 at 12:27 AM, Tommy Berglund wrote: I always get these warnings and it is alw

Re: [clamav-users] Warning in ClamAV update process

2014-09-11 Thread Joel Esler (jesler)
> On Sep 11, 2014, at 4:36 PM, Bowie Bailey wrote: > > On 9/11/2014 4:25 PM, Joel Esler (jesler) wrote: >> On Sep 11, 2014, at 7:15 AM, Gene Heskett >> mailto:ghesk...@wdtv.com>> wrote: >> >> On Thursday 11 September 2014 05:10:52 Tommy Berglund did opin

Re: [clamav-users] Warning in ClamAV update process

2014-09-13 Thread Joel Esler (jesler)
; wrote: On Thursday 11 September 2014 16:25:27 Joel Esler (jesler) did opine And Gene did reply: On Sep 11, 2014, at 7:15 AM, Gene Heskett mailto:ghesk...@wdtv.com><mailto:ghesk...@wdtv.com>> wrote: On Thursday 11 September 2014 05:10:52 Tommy Berglund did opine And Gene did reply: Den 2014

Re: [clamav-users] daily.cvd file.

2014-09-15 Thread Joel Esler (jesler)
Georges, You should be using the freshclam tool provided with ClamAV to download updates from our mirror infrastructure. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Sep 15, 2014, at 2:03 PM, Volcy, Georges mailto:georges.vo...@pseg.com>> wrote: I've been unable to

Re: [clamav-users] daily.cvd file.

2014-09-15 Thread Joel Esler (jesler)
Correct. We plan on removing these after teaching people how to set up their own private mirror. > On Sep 15, 2014, at 2:07 PM, Ed Christiansen MS wrote: > > They hide them really really well - like they don't want you to know they are > there. > > http://www.clamav.net/index.html -> Downlo

Re: [clamav-users] daily.cvd file.

2014-09-17 Thread Joel Esler (jesler)
ddress is now georges.vo...@pseg.com<mailto:georges.vo...@pseg.com> -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Monday, September 15, 2014 4:10 To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd file.

Re: [clamav-users] Daily.cvd file

2014-09-18 Thread Joel Esler (jesler)
On Sep 18, 2014, at 1:39 AM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Sep 17, 2014, at 9:59 PM, Paul Kosinski mailto:cla...@iment.com>> wrote: I'm running ClamAV 0.98.4, yet when I built it the main.cvd file was from 17 Sep 2013 (now a year old!), and the daily.cvd files have been about

Re: [clamav-users] daily.cvd vs main.cvd

2014-09-19 Thread Joel Esler (jesler)
We use rsync to move the cvd’s out to the mirrors. Using freshclam to get it from the mirrors is the preferred method. Unless you want to donate the time and resources (and bandwidth) to become a mirror. > On Sep 18, 2014, at 6:28 PM, Al Varnell wrote: > > OK, so I’m a bit confused by this.

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-03 Thread Joel Esler (jesler)
> On Oct 3, 2014, at 7:19 AM, Tim Smith wrote: > > Hi, > > Over the last 24-48 hours, I submitted a number of email attachments. > RAR files that contained viruses. > > Running one or two of them through VirusTotal today, I see ClamAV have > *STILL* not managed to produce virus definitions for

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
> On Oct 3, 2014, at 5:12 PM, Dennis Peterson wrote: > > On 10/3/14 8:10:24AM, Mark Allan wrote: >> On 3 Oct 2014, at 03:39 pm, Gene Heskett wrote: >> >>> On Friday 03 October 2014 07:19:13 Tim Smith did opine Over the last 24-48 hours, I submitted a number of email attachments. RAR

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
> On Oct 3, 2014, at 5:16 PM, Dennis Peterson wrote: > > On 10/3/14 2:11:15PM, Charles Swiger wrote: >> On Oct 3, 2014, at 1:54 PM, Leonardo Rodrigues >> wrote: >>> On 03/10/14 08:19, Tim Smith wrote: All of the commercial vendors I submitted the samples to had analysed and created s

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Joel Esler (jesler)
> On Oct 6, 2014, at 10:21 AM, Tim Smith wrote: > >> but call paid prebuildt software always better is not correct, but mostly >> just marketing > > What rubbish... ClamAV always lags behind the commercial vendors in > any comparative you wish to mention. > > The majority of well established

[clamav-users] ClamAV® blog: ClamAV 0.95.5rc1 is now available for download!

2014-10-14 Thread Joel Esler (jesler)
> http://blog.clamav.net/2014/10/clamav-0955rc1-is-now-available-for.html > > > ClamAV 0.95.5rc1 is now available for download! > > ClamAV 0.95.5rc1 is now available for download. Shown below are the notes > for this re

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5rc1 is now available for download!

2014-10-14 Thread Joel Esler (jesler)
An error on my part.. This should read 0.98.5-rc1, not 95.5-rc1. Corrected: > ClamAV 0.98.5-rc1 is now available for download! ClamAV 0.98.5-rc1 is now available for download. Shown below are the notes for this release: ClamAV 0.98.5 also includes these new features: - Support for the XD

[clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

2014-11-18 Thread Joel Esler (jesler)
http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html ClamAV 0.98.5 has been released! Welcome to ClamAV 0.98.5! ClamAV 0.98.5 includes important new features for collecting and analyzing file properties. Software developers and analysts may collect file property meta data using the

Re: [clamav-users] How can I get commercial support of clamav for Windows Servers?

2014-11-18 Thread Joel Esler (jesler)
We do not provide commercial support for ClamAV. Our commercial product which incorporates ClamAV , produced by Cisco, is called fireAMP. Support is provided via our mailing list, and generally has an excellent response time. -- Joel Esler Sent from my iPhone On Nov 18, 2014, at 8:27 PM, Rithy

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

2014-11-19 Thread Joel Esler (jesler)
Dennis, Haha. Yes at some point. We have a roadmap for a 1.0 release. -- Joel Esler Sent from my iPhone On Nov 19, 2014, at 2:44 AM, Dennis Peterson mailto:denni...@inetnw.com>> wrote: On 11/18/14 2:11 PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/11/clamav-0985-ha

[clamav-users] Bytecode Blog Posts

2014-11-19 Thread Joel Esler (jesler)
We have three blog posts concerning bytecode that will be posted to the ClamAV over the next week. Today was the first one: http://blog.clamav.net/2014/11/brief-re-introduction-to-clamav.html Please take a minute to read the blog posts if bytecode is something you are interested in or use. If

Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Joel Esler (jesler)
Al is correct here. -- Joel Esler Sent from my iPhone On Nov 22, 2014, at 9:54 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote: Most of the virus definitions in the cvd files don't seem to have dates associated with them (at least that

Re: [clamav-users] cannot find clamav-devel-latest.tar.gz anymore...

2014-11-26 Thread Joel Esler (jesler)
Well I imagine this probably happened when we switched from the old website to the new website. I wasn’t aware that we were producing daily builds. I’ll talk it over with the team and see if this is something we want to include on the new site. -- Joel Esler Open Source Manager Threat Intelli

Re: [clamav-users] cannot find clamav-devel-latest.tar.gz anymore...

2014-11-26 Thread Joel Esler (jesler)
berg Email: heino.backh...@fink-computer.de Web: www.fink-computer.de Fax: +49-641-98444638 Fon: +49-641-98444640 UST-ID: DE151040770 HRB: 2143 Gießen GF: Fredi Fink "I was gratified to be able to answer promptly, and I did. I said I didn't know." -Mark Twain Am 26.11.2014

Re: [clamav-users] I will be out of the office starting 12-19-2014 through 12-29-2014.

2014-12-22 Thread Joel Esler (jesler)
I’ve disabled your email to clamav-users until you get back form vacation to keep you from sending email to the list subscribers. Joel > On Dec 22, 2014, at 10:57 AM, Christopher Checca > wrote: > > I will be out of the office starting 12-19-2014 through 12-29-2014. > > I will respond to y

Re: [clamav-users] detection of really old viruses?

2014-12-31 Thread Joel Esler (jesler)
Naresh, Please do not reply to every thread on the ClamAV list asking for help. Have you looked at the documentation page on CLamAV.net ? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Dec 31, 2014, at 12:36 AM, naresh hcu wrote: > > Respected

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-01 Thread Joel Esler (jesler)
I think the answer you are going to get from the ClamAV list is ClamAV. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Jan 1, 2015, at 2:22 AM, Franklin Wang wrote: > > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > I've tried nod32, Dr. Web, AVG, clamav

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-05 Thread Joel Esler (jesler)
> On Jan 1, 2015, at 4:16 PM, andreisa...@live.ie > wrote: > > >> Date: Thu, 1 Jan 2015 18:27:00 + >> From: cla...@jubileegroup.co.uk >> To: clamav-users@lists.clamav.net >> Subject: Re: [

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-05 Thread Joel Esler (jesler)
> On Jan 1, 2015, at 1:27 PM, G.W. Haywood > wrote: > >> I copied a result of 'Day0 Summary' from shadowserver.org >> ... > > and unqualified statistics are worthless. Another thing to remember is that shadowserver’s feed is not 100

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Joel Esler (jesler)
I’ll let someone from the team chime in here, but it’s always better to come to the mailing lists than to go to Github. We’ll see it either way, but more people are here. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Jan 21, 2015, at 4:26 PM, E R wrote: > > Hi to

Re: [clamav-users] clamav-virusdb on lurker

2015-01-25 Thread Joel Esler (jesler)
Al, Not sure what the issue is here. The archives are all here though: http://lists.clamav.net/pipermail/clamav-virusdb/2015-January/thread.html There is nothing stuck in the queues, so all the emails have pushed. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Jan 22

Re: [clamav-users] clamav-virusdb on lurker

2015-01-26 Thread Joel Esler (jesler)
OH, I see what you are saying. Sorry about that. Let me look into this. > On Jan 26, 2015, at 6:41 AM, Walter Bürger wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Remarkable, > > I can see my last mail to the list on > https://www.mail-archive.com/clamav-users@lists.clamav.

Re: [clamav-users] clamav-virusdb on lurker

2015-01-26 Thread Joel Esler (jesler)
Intelligence Team Lead Talos > On Jan 26, 2015, at 9:19 AM, Joel Esler (jesler) wrote: > > OH, I see what you are saying. Sorry about that. Let me look into this. > > >> On Jan 26, 2015, at 6:41 AM, Walter Bürger wrote: >> >> -BEGIN PGP SIGNED MESSAGE

Re: [clamav-users] About new samples at clamav website.

2015-01-26 Thread Joel Esler (jesler)
Can you give me a 256 of a couple samples? > On Jan 26, 2015, at 1:08 PM, Wagner De Queiroz > wrote: > > Dear users. I receive new viruses (Brazilian malware trojans) all day, and > I submit to clamav, but my submissions never appear at virus list. I like > to suggest at clamav page to submit

[clamav-users] ClamAV® blog: ClamAV 0.98.6 has been released!

2015-01-27 Thread Joel Esler (jesler)
http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html ClamAV 0.98.6 is a bug fix release correcting the following: * library shared object revisions. * installation issues on some Mac OS X and FreeBSD platforms. * includes a patch from Sebastian Andrzej Siewior making Cl

Re: [clamav-users] I have some queries about ClamAV

2015-01-27 Thread Joel Esler (jesler)
It may not have seen my eyes only :) Could you explain my request? I will be looking forward to your reply. Thanks in advance for any help. ~Chang~ -Original Message- From: "Jihyun-Chang"mailto:jhyun_ch...@naver.com>> To: "Joel Esler (jesler)"mailto:

Re: [clamav-users] About new samples at clamav website.

2015-01-28 Thread Joel Esler (jesler)
Walter, Thanks. The issue is that we receive over a million new samples a day. We prioritize those samples for analysis and detection in a number of ways, one of the ways, of course, being "number of submitters". So, for example if we see 13 different places giving us the same sample, obviousl

Re: [clamav-users] Offline updates

2015-01-28 Thread Joel Esler (jesler)
The VirusDB files are listed on that page. However, it is highly recommended that you use freshclam to update. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos > On Dec 3, 2014, at 1:57 AM, Pascal wrote: > > Hi, > > I found this on http://www.clamav.net/doc/cvd.html : >

Re: [clamav-users] ExtraDatabase question

2015-01-29 Thread Joel Esler (jesler)
The feature still exists. However, I don’t believe we distribute any “ExtraDatabase”s on the mirrors. > On Jan 29, 2015, at 7:05 AM, Dennis Peterson wrote: > > Is this a deprecated feature we can/should ignore? > > dp > ___ > Help us build a comp

Re: [clamav-users] certificates

2015-02-09 Thread Joel Esler (jesler)
I'll get this fixed up. Thanks all. -- Joel Esler Sent from my iPhone On Feb 9, 2015, at 6:12 AM, Steve Basford mailto:steveb_cla...@sanesecurity.com>> wrote: On Mon, February 9, 2015 11:03 am, Al Varnell wrote: Yes, I'm seeing the same thing with Safari for OS X. I also get an expired 22 Oct

Re: [clamav-users] Mirrors 65.19.179.67

2015-02-12 Thread Joel Esler (jesler)
> On Feb 12, 2015, at 4:51 AM, Al Varnell wrote: > > I believe this has come up a few times before, but it has never been resolved. > > The mirror status page vanished when the new web site rolled out. It wasn’t > always accurate, but at least there were some clues there. Is there any > cha

Re: [clamav-users] Mirrors 65.19.179.67

2015-02-12 Thread Joel Esler (jesler)
This mirror has been removed. > On Feb 12, 2015, at 6:46 AM, Joel Esler (jesler) wrote: > > >> On Feb 12, 2015, at 4:51 AM, Al Varnell wrote: >> >> I believe this has come up a few times before, but it has never been >> resolved. >> >> The mirr

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
I just did the same operation and pulled this mornings. Can you try again? > On Feb 26, 2015, at 10:50 AM, Smith, David wrote: > > Just did a wget http://database.clamav.net/daily.cvd and am getting a > daily.cvd dated Aug 28 is there something going on with the servers??? > > [root@SOMES

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
.@fsu.edu (850)644-2591 > Information Technology Services Florida State University > > > -Original Message- > From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf > Of Joel Esler (jesler) > Sent: Thursday, February 2

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
Who says we don’t? :) But you may be seeing different results than what we see. It’s the internet. > On Feb 26, 2015, at 12:41 PM, G.W. Haywood wrote: > > Hi there, > > On Thu, 26 Feb 2015, Joel Esler wrote: > >> Which mirror(s) do you suspect to be out of sync? > > I can't believe you hav

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Joel Esler (jesler)
24 Linux Administrators its-unixadm...@fsu.edu<mailto:its-unixadm...@fsu.edu> (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.c

Re: [clamav-users] Unsubscribing From Update List?

2015-03-08 Thread Joel Esler (jesler)
I assume by "update list" he means the virusdb list. Which Doug linked to. -- Joel Esler Sent from my iPhone On Mar 8, 2015, at 10:35 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: That's the database list. The user list is: .

  1   2   3   4   5   6   7   8   9   10   >