Re: [clamav-users] Clamscan infection that is not infected

2015-04-15 Thread Joel Esler (jesler)
On Apr 15, 2015, at 9:50 AM, sanes z...@wrzanes.com wrote: Why does clamscan show this file infection, but a scan with VirusTotal.com shows file is safe? Which source should I trust? c:\Windows\System32\mobsync.exe: Win.Trojan.Agent-863936 FOUND

Re: [clamav-users] ClamAV® blog: Lurker is going End of Life

2015-05-19 Thread Joel Esler (jesler)
, May 18, 2015 at 02:20 PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2015/05/lurker-is-going-end-of-life.html Lurker is going End of Life For years, we've had a system named Lurker that displayed the archives for our mailing lists, well, we are actually keeping the archives for the mailing

[clamav-users] ClamAV® blog: ClamAV 0.99b Meets YARA!

2015-06-03 Thread Joel Esler (jesler)
ClamAV 0.99b Meets YARA! The first beta release of ClamAV 0.99 is now on SourceForge! ClamAV 0.99 has some important new features to improve malware detection. First, ClamAV 0.99 supports YARA rules. YARA is another popular open source project for malware detection, analysis, and

Re: [clamav-users] DAT File License

2015-06-13 Thread Joel Esler (jesler)
Gpl v2 -- Joel Esler Sent from my iPhone On Jun 13, 2015, at 6:54 PM, Trevor Vaughan tvaug...@onyxpoint.com wrote: Hi All, I apologize if I missed this, but I've checked through various FAQs and have not been able to determine what license the DAT files fall

Re: [clamav-users] unsubscribe

2015-05-27 Thread Joel Esler (jesler)
Why don’t you have access to the manual on github? On May 27, 2015, at 1:21 PM, Cmos35 x.lep...@laposte.net wrote: Good evening, Excuse me to come to you through this mail but the question that I asked her begone find answers regarding freshclam.conf configuration and more because I do

Re: [clamav-users] PUA and file descriptions

2015-05-29 Thread Joel Esler (jesler)
We implemented a naming convention about 3 years ago that we’ve been using since, things named before that were named.. somewhat loosely. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Group http://www.talosintel.com On May 28, 2015, at 2:50 PM, Al Varnell

Re: [clamav-users] Fwd: Unable to detect pdf virus

2015-07-28 Thread Joel Esler (jesler)
Can you provide us with the hash for the file? -- Joel Esler Manager, Threat Intelligence and Open Source Talos Group Sent from my iPhone On Jul 28, 2015, at 7:43 AM, P K pkopen...@gmail.com wrote: Sure. I uploaded same. I wanted someone else to try to make sure its

Re: [clamav-users] Unable to detect pdf virus

2015-07-28 Thread Joel Esler (jesler)
So you generated a brand new malicious pdf? (Trying to understand what the question is) Did you submit said malicious pdf to us? Perhaps you could write your own detection and submit it to us via the community signature program? -- Joel Esler Manager, Threat Intelligence and Open Source Talos

Re: [clamav-users] ftp.heanet.ie mirror problem

2015-08-04 Thread Joel Esler (jesler)
ACK on this guys. A lot of the guys are on the way to Vegas, or will be tomorrow. I’ve forwarded this email to the correct people in order to get things fixed. -- Joel Esler Manager, Threat Intelligence Team Open Source Talos Group http://www.talosintel.com On Aug 4, 2015, at 7:47 PM, Al

Re: [clamav-users] gpg key

2015-07-16 Thread Joel Esler (jesler)
On Jul 16, 2015, at 2:45 PM, Bowie Bailey bowie_bai...@buc.com wrote: On 7/16/2015 1:30 PM, Al Varnell wrote: Start with the Documentation page for Upgrading ClamAV: http://www.clamav.net/doc/upgrade.html • How do I verify the integrity of ClamAV sources? Using

Re: [clamav-users] FP Detection / Reclassify Request

2015-07-16 Thread Joel Esler (jesler)
On Jul 16, 2015, at 6:30 PM, Daphne Galme (daphgalm) daphg...@cisco.com wrote: Hi, I submitted these info several days ago (and someone also did, several weeks ago) for FP. File MD5: 574e52839d9453a0c0b9c32c11f6157e File SHA1: 8530c174909e06ebfde906b94a7c4777aa9dd4a6

Re: [clamav-users] old stuff from Windows95

2015-11-16 Thread Joel Esler (jesler)
Please submit false positive reports on the website. http://www.clamav.net -- Joel Esler Manager, Talos Group Sent from my iPad On Nov 16, 2015, at 1:55 PM, ellanios82 wrote: Hello List , - on my Linux desktop PC , i have some old

[clamav-users] ClamAV® blog: ClamAV.org relaunch, now with on page downloads!

2015-10-15 Thread Joel Esler (jesler)
http://blog.clamav.net/2015/10/clamavorg-relaunch-now-with-on-page.html ClamAV.org relaunch, now with on page downloads! Those of you that have visited ClamAV.org recently may have noticed a slight change in our procedures for downloads. For years, we've

Re: [clamav-users] [Clamav-announce] ClamAV® blog: ClamAV.org relaunch, now with on page downloads!

2015-10-15 Thread Joel Esler (jesler)
On Oct 15, 2015, at 4:32 PM, Quanah Gibson-Mount <qua...@zimbra.com> wrote: --On Thursday, October 15, 2015 9:07 PM + "Joel Esler (jesler)" <jes...@cisco.com> wrote: http://blog.clamav.

[clamav-users] ClamAV® blog: ClamAV 0.99 Release Candidate has been posted!

2015-10-15 Thread Joel Esler (jesler)
http://blog.clamav.net/2015/10/clamav-099-release-candidate-has-been.html ClamAV 0.99 Release Candidate has been posted! ClamAV 0.99 Release Candidate has been posted for download! Please check out the below release notes: This is the first release of ClamAV that is being done on both

Re: [clamav-users] DB update and clamav-milter delay

2015-09-29 Thread Joel Esler (jesler)
Al, Thanks for bringing that up. Once a minute? That’s fairly excessive. Once an hour is appropriate… Overdoing it, but more appropriate. Keep in mind that the mirrors are donated to ClamAV and the bandwidth you are consuming is probably fairly heavy. If everyone did that…. -- Joel Esler

Re: [clamav-users] DB update and clamav-milter delay

2015-09-29 Thread Joel Esler (jesler)
On Sep 29, 2015, at 9:57 AM, Kris Deugau wrote: Marco wrote: Hello, I installed clamd server (0.98.7) with clamav-milter using RPM of EPEL. With this installation, after every freshclam update session, clamd is forced to read the DB:

Re: [clamav-users] LibClamAV Warning in conjunction with SWF Files

2015-12-11 Thread Joel Esler (jesler)
On Dec 11, 2015, at 1:58 PM, Andreas van Ohlen wrote: LibClamAV Warning: SWF: declared output length != inflated stream size, 486465 != 795244 I am guessing that the Flash file being analyzed declared the length to be 795244 for a

Re: [clamav-users] ClamAV not detecting viruses

2016-01-01 Thread Joel Esler (jesler)
We receive millions of samples a day. Bringing the shas or md5 of the file to the list helps us look at what you guys are seeing. -- Joel Esler Manager, Talos Group Sent from my iPhone On Jan 1, 2016, at 12:37 PM, Andrew Wood

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-24 Thread Joel Esler (jesler)
f5caedaae531f08bf SHA1(5.zip)= a5b5a277eddae25f8d947622d6ddec4b38c5f494 SHA1(6.zip)= 6e59c943545977f58f87b49724bbac2eb31afe02 SHA1(7.zip)= a8821aeae2ab15640a0647c5842162a2074ed7e3 SHA1(8.zip)= 7239a63577aabd46069636aacb85b1ca725a11d0 SHA1(9.zip)= 298aa02cf43c1fa961117b2f7c5838c04a28df9a On 24.12.

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-25 Thread Joel Esler (jesler)
Well, from the look of the email below, it's probably Dridex. Which means it's probably a word based macro downloader. -- Joel Esler Manager, Talos Group Sent from my iPhone On Dec 25, 2015, at 3:24 AM, Al Varnell wrote: I’m a novice at

Re: [clamav-users] several malware samples, clamav doesn't detect

2015-12-24 Thread Joel Esler (jesler)
Depends on a number of factors. It may help us if you are looking into a particular threat is to provide us the hash of the file so we can look at it specifically. That being said, we're out of the office until Jan 4. -- Joel Esler Manager, Talos Group Sent from my iPhone On Dec 24, 2015,

Re: [clamav-users] Remove clamav-unofficial-sigs

2016-06-03 Thread Joel Esler (jesler)
> On Apr 10, 2016, at 12:10 AM, Paul Wise wrote: > >> On Wed, Apr 6, 2016 at 3:47 PM, Mathieu Parent wrote: >> 2016-04-06 6:55 GMT+02:00 Paul Wise: >>> Personally I am still waiting for clamav freshclam to properly support >>> third-party signatures, so clamav-unofficial-sigs

Re: [clamav-users] ClamAV-users Digest

2016-06-03 Thread Joel Esler (jesler)
This should be fixed now. -- Joel Esler Manager, Talos Group > On Mar 3, 2016, at 6:17 PM, Paul Kosinski wrote: > > Hi, > > I haven't received any Digest email since Feb 3, is the list still in > operation? > > Paul Kosinski >

Re: [clamav-users] [Community-sigs] Remove clamav-unofficial-sigs

2016-06-10 Thread Joel Esler (jesler)
Sorry if everyone just got a bunch of old emails, they were stuck in the unsubscriber queue, and I just cleared it. Anyway. It’s funny that this topic came up. We are actually currently working on this program with several providers. We’ve reached out to several that we know of, but if

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-28 Thread Joel Esler (jesler)
To be honest right now, I'm interested in threats coming out more recently. While yes, your concern is valid, I'd like to hear from someone with a more recent test set. -- Joel Esler iPhone On May 28, 2016, at 12:13 PM, Groach

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-28 Thread Joel Esler (jesler)
So our recent improvements and detection have not produced any different result in the field? Sent from my Apple Watch On May 28, 2016, at 10:01 AM, G.W. Haywood wrote: > Hi there, > > On Mon, 23 May 2016, C.D. Cochrane wrote: > >> ... ClamAV is just ... > > and

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-28 Thread Joel Esler (jesler)
ng to enjoys replying to this one... On 28/05/2016 23:42, Joel Esler (jesler) wrote: Groach, If you hate the project so much I don't hate the product. Only last week (if you care to read back) I declared how the product WITH THE AID OF 3RD PARTY SIGNATURES made it almost the best product out th

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-30 Thread Joel Esler (jesler)
Haven't seen those in a couple years. They were big in the late 90's. -- Joel Esler iPhone On May 30, 2016, at 10:21 AM, Kris Deugau wrote: Groach wrote: As a side note: is anyone surprised a virus hasn't been released, embedded in a 'password

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-30 Thread Joel Esler (jesler)
ail-stopspammin...@yahoo.com> wrote: I'm quite surprised really. It seems the logical thing to do to fool inbound mail AV scanners leaving onus on the naive/stupid (delete as applicable) end user. On 30/05/2016 16:48, Joel Esler (jesler) wrote:

Re: [clamav-users] Is it a real attack?

2016-01-17 Thread Joel Esler (jesler)
You didn't attach anything. -- Joel Esler Manager, Talos Group Sent from my iPhone On Jan 17, 2016, at 10:47 AM, Jota Pe wrote: I performed a ClamAV scan of all my desktop PC and the result (it is attached) tells me about some possible

Re: [clamav-users] undefined signature ? Win.Trojan.Win64-166

2016-02-02 Thread Joel Esler (jesler)
Unfortunately, the system that presently publishes the ruleset (which we are building a replacement for (more details to come)), and sends the email, does not perform this function as a single step. Someone may have published without clicking the “send email” button. -- Joel Esler Manager,

Re: [clamav-users] Freshclam Non-repudiation

2016-01-31 Thread Joel Esler (jesler)
We are more than willing to work with any 3rd party signature house to incorporate the detection into the official DB. -- Joel Esler Manager, Talos Group On Jan 29, 2016, at 5:53 PM, Benny Pedersen wrote: On 2016-01-29 23:28, Al Varnell wrote: Not sure

Re: [clamav-users] IPv6 servers having problems?

2016-02-22 Thread Joel Esler (jesler)
Jay, I’ve forwarded the email over to our Ops Team. -- Joel Esler Manager, Talos Group On Feb 22, 2016, at 4:06 PM, Jay Clubb wrote: Starting to see more and more of this: ERROR: getpatch: Can't download daily-21400.cdiff from

Re: [clamav-users] email error submitting a virus sample

2016-02-27 Thread Joel Esler (jesler)
Kristen, We'll take a look. Please send us the hashes of the files. -- Joel Esler Manager, Talos Group Sent from my iPad On Feb 27, 2016, at 8:21 PM, Kristen wrote: List, I just submitted to the virus submission webpage a new sample of a

Re: [clamav-users] Add virus databases and signatures from third-party vendors

2016-02-29 Thread Joel Esler (jesler)
-- Joel Esler Manager, Talos Group On Feb 28, 2016, at 8:26 AM, Theodore Alcapotaxis wrote: --- alvarn...@mac.com wrote: From: Al Varnell To: ClamAV users

Re: [clamav-users] Another submission of the JavaScript virus

2016-02-22 Thread Joel Esler (jesler)
Are you able to submit this file to us via ClamAV.net? -- Joel Esler Manager, Talos Group On Feb 19, 2016, at 8:39 PM, Gerald Venzl wrote: Hi, I haven't heard anything back yet from my submission and as I'm new to

Re: [clamav-users] Virus-Datebase-Updates?

2016-01-19 Thread Joel Esler (jesler)
When you see “Added: No” in a virus report, 99x out of 100, that means it's detected by something else. For example, the second one there, it has been submitted by 10 different entities, it must have been submitted (again) recently, and was detected by a signature that we’ve pulled. (it was a

Re: [clamav-users] Win.Adware.Softpulse-215 FP

2016-01-19 Thread Joel Esler (jesler)
I have been told that all of these have been corrected already. -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com On Jan 18, 2016, at 1:51 AM, Al Varnell wrote: I’m hearing from a couple of ClamXav

Re: [clamav-users] ClamAV DB support

2016-01-27 Thread Joel Esler (jesler)
You could just Use ClamAV. -- Joel Esler iPhone On Jan 27, 2016, at 4:50 AM, Matus UHLAR - fantomas wrote: On 20.01.16 19:02, Julian DeMille wrote: Would it be possible for me to use the ClamAV virus DB to supply my new program with virus

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
We're double checking everything. Thanks for your patience. -- Joel Esler iPhone On Feb 15, 2016, at 4:53 AM, Mark Allan wrote: Hi, I've been getting this for a few days. The first time I received it, the rogue sig was removed from the DB

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
Gerald, We need to verify that we've received your file, and this is something we are working on. That being said, we receive millions of samples a day, so it helps, if you want to point out the hash of the file to us on the list, we can get to it. -- Joel Esler Manager, Talos Group Sent

Re: [clamav-users] Successfully processed

2016-02-15 Thread Joel Esler (jesler)
rse, I understand! What hash are you using? I couldn't see any on the website when submitting. Is it a regular SHA-256 hash? Also if it helps I can resubmit the file and send the hash and time of submission to this mailing list. Thx, Gerald On Feb 15, 2016, at 07:23, Joel Esler (jesler)

Re: [clamav-users] FP System

2016-02-16 Thread Joel Esler (jesler)
There actually is :). There are at least four parts to the FP reporting system, and I have my team on it. -- Joel Esler Manager, Talos Group On Feb 16, 2016, at 6:17 AM, Al Varnell wrote: Agree. We’ve been saying this for a couple of days

[clamav-users] ClamAV FP/Malware Submissions

2016-02-16 Thread Joel Esler (jesler)
It appears that we have resolved the issue with FP/Malware submissions on ClamAV.net. We apologize for any error and inconvenience. Please let me know if you encounter any other errors. -- Joel Esler Manager, Talos Group ___

Re: [clamav-users] ClamAV FP/Malware Submissions

2016-02-17 Thread Joel Esler (jesler)
t the FPs we submitted over the last week-or-so, or did you actually receive them OK? Mark On 16 Feb 2016, at 11:48 pm, Joel Esler (jesler) <jes...@cisco.com> wrote: It appears that we have resolved the issue with FP/Malware submissions on ClamAV.net<http://cl

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-17 Thread Joel Esler (jesler)
Okay, so this is a long email, let me respond inline: -- Joel Esler Manager, Talos Group On Feb 17, 2016, at 9:40 AM, Groach wrote: Hello Ok, in short you know about the disaster last week where a single

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-17 Thread Joel Esler (jesler)
Thank you for your input. We’ll take it under consideration for current efforts. On February 17, 2016 at 5:52:36 PM, Groach (groachmail-stopspammin...@yahoo.com) wrote: Hello Well I wasn't going to post any more but just to be sure I want to

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-17 Thread Joel Esler (jesler)
On Wednesday 17 February 2016 12:01:11 Noel Jones wrote: On 2/17/2016 10:40 AM, Joel Esler (jesler) wrote: Okay, so this is a long email, let me respond inline: -- Joel Esler Manager, Talos Group Unfortunately, due to lack of quoting it's impossible to tell which parts are yours. -- Noel Jones

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-18 Thread Joel Esler (jesler)
On Feb 18, 2016, at 4:01 AM, Mark Allan <markjal...@gmail.com> wrote: On 17 Feb 2016, at 11:21 pm, Joel Esler (jesler) <jes...@cisco.com> wrote: For my, I use Mail.app the majority of the time. Apparently if I

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-18 Thread Joel Esler (jesler)
SEE. Didn’t do it right! Stupid mail.app. -- Joel Esler Manager, Talos Group On Feb 18, 2016, at 10:28 AM, Joel Esler (jesler) <jes...@cisco.com> wrote: On Feb 18, 2016, at 4:01 AM, Mark Allan <markjal...@gmail.com<mailto:markjal...@gmail.c

Re: [clamav-users] How can Clam/Cisco be so irresponsibly reckless and nonchalant to Windows users?

2016-02-18 Thread Joel Esler (jesler)
Allan <markjal...@gmail.com> wrote: On 18 Feb 2016, at 3:28 pm, Joel Esler (jesler) <jes...@cisco.com> wrote: Bottom posting with Mail.app now. Yeah, it’s how I did it that was the problem. I tried to make

Re: [clamav-users] ClamAV® blog: ClamAV will release a new main.cvd and daily.cvd this weekend.

2016-03-10 Thread Joel Esler (jesler)
wrote: Will the update to main.cvd be distributed as .cdiff files or will every user have to download the main.cvd file in its entirety? Mark On 9 Mar 2016, at 10:45 pm, Joel Esler (jesler) <jes...@cisco.com> wrote: Correct. -- Joel Esler Manager, Talos Grou

Re: [clamav-users] Is ClamAV Community Threat Tracking System down?

2016-03-18 Thread Joel Esler (jesler)
Afaik, this hasn't been up in a long time. We took it down, I thought, when we redid the website. -- Joel Esler iPhone On Mar 18, 2016, at 6:30 PM, Dennis Peterson wrote: Subject line was URL links on 3/17/2016. That was when Joel suggested

Re: [clamav-users] New ClamnAV database....test results for Clamwin

2016-03-18 Thread Joel Esler (jesler)
Thanks for the feedback! -- Joel Esler iPhone On Mar 17, 2016, at 4:55 AM, Groach wrote: For your info: I run Clamwin, with the additional Clamd, and supplemented with Sane security definitions. I was VERY

Re: [clamav-users] clamav-virusdb mailing list - what is the use?

2016-03-11 Thread Joel Esler (jesler)
ahoo.com> wrote: On 11/03/2016 19:12, Joel Esler (jesler) wrote: If it is not useful to you, then unsubscribe from it, best advice. It is for notification of updates to the ClamAV signature database. Of course one can unsubscribe, and in fact *I*

Re: [clamav-users] Why did you block me clamAV page??

2016-03-14 Thread Joel Esler (jesler)
This was fixed yesterday. Apologize for the inconvenience. I appreciate you all being patient, lots of change going on here lately, for the better, but there is always some turmoil during change. Appreciate the patience and effort you’ve shown us! -- Joel Esler Manager, Talos Group On

Re: [clamav-users] [Clamav-mirrors] ClamAV Signature Interface has begun its migration!

2016-03-14 Thread Joel Esler (jesler)
as we’re ready to release the new database builds. We apologize for any inconvenience during this time. -- Joel Esler Manager, Talos Group On Mar 14, 2016, at 8:41 AM, Joel Esler (jesler) <jes...@cisco.com> wrote: On Mar 14, 2016, at 3:31 AM, And

Re: [clamav-users] ClamAV® blog: ClamAV will release a new main.cvd and daily.cvd this weekend.

2016-03-09 Thread Joel Esler (jesler)
ing it ~100M compressed. -Al- On Wed, Mar 09, 2016 at 01:36 PM, Benny Pedersen wrote: On 8. mar. 2016 04.00.59 "Joel Esler (jesler)" <jes...@cisco.com> wrote: http://blog.clamav.net/2016/03/clamav-will-release-new-maincvd-and.html The estimated size o

[clamav-users] ClamAV Signature Interface has begun its migration!

2016-03-11 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/03/clamav-signature-interface-has-begun.html Beginning now, throughout much of the weekend, we've begun our ClamAV Signature Interface migration. This means we will not be publishing any ClamAV signatures until this process is complete. As I stated in my last blog

Re: [clamav-users] clamav-virusdb mailing list - what is the use?

2016-03-11 Thread Joel Esler (jesler)
If it is not useful to you, then unsubscribe from it, best advice. It is for notification of updates to the ClamAV signature database. As far as what those fields mean: Example: Submission-ID: 14926518 Sender: Virus Total Sender: VirScan.org Sender: Anonymous Sender:

Re: [clamav-users] Latest samba source contains Win.Trojan.Qhost-106?

2016-03-30 Thread Joel Esler (jesler)
The largest place where ClamAV is deployed is on mail gateways. However ClamAV is deployed everywhere. Desktops, servers, mail gateways, I’ve even heard of people compiling for their Android platform, and of course Windows. -- Joel Esler Manager, Talos Group On Mar 30, 2016, at 4:53 PM,

[clamav-users] ClamAV® blog: ClamAV Community Signature contest winner for March, 2016

2016-04-06 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/04/clamav-community-signature-contest.html We'd like to congratulate our first winner of the monthly ClamAV Community Signature contest: Samuel Borell! Congratulations! Thank you for your contributions! For more information on how you can get involved in the

Re: [clamav-users] clamav on virus total

2016-03-19 Thread Joel Esler (jesler)
Those are unique. -- Joel Esler iPhone On Mar 17, 2016, at 4:41 PM, C.D. Cochrane wrote: Thank you all for the replies. Just wanted to make sure my approach was logical, and VT is a reliable reference point for clamav comparison scanning. "millions of

Re: [clamav-users] clamav on virus total

2016-03-19 Thread Joel Esler (jesler)
Yes. They update constantly. We just aren't able to get to the millions of samples we receive a day. -- Joel Esler iPhone On Mar 17, 2016, at 4:04 PM, Helmut Hullen wrote: Hello, C.D., you wrote on 17.03.16: My only question: Is clamav on

Re: [clamav-users] clamscan false positives

2016-03-19 Thread Joel Esler (jesler)
Best thing to do is submit them as false positives on ClamAV.net -- Joel Esler iPhone On Mar 17, 2016, at 6:54 AM, Thomas Stein wrote: Hello Clamav users. Last week i started to check a gentoo distfiles directory with

Re: [clamav-users] [Community-sigs] ClamAV® blog: ClamAV Signature Interface maintenance is now complete! New Main.cvd!

2016-03-19 Thread Joel Esler (jesler)
der to avoid any surprises. Cheers, - Rafael Rafael Ferreira Uva Software, LLC | scanii.com ? 623.252.0441 On Mar 16, 2016, at 8:24 PM, Joel Esler (jesler) <jes...@cisco.com> wrote: http://blog.clamav.ne

Re: [clamav-users] Locky Dridex plan

2016-03-25 Thread Joel Esler (jesler)
ecific about the manner in which this will take place? Does it just mean no support or do you plan to poison pill the database so the engine will no longer function, as has happened in the past. Sent from Janet's iPad -Al- On Mar 25, 2016, at 6:24 PM, "Joel Esler (jesler)" wrote: One step nee

Re: [clamav-users] Locky Dridex plan

2016-03-25 Thread Joel Esler (jesler)
We've completely rewritten the submission process as a result of feedback from the list. It should be functioning fine now. As far as a "plan" for addressing Dridex. We have a lot of things in the works now that we have a completely new signature system, giving us capabilities that we did

Re: [clamav-users] Locky Dridex plan

2016-03-26 Thread Joel Esler (jesler)
e: And I am guessing my Linux distro will not just seamlessly move on to 0.99 by itself with an "apt-get update". Sent: Friday, March 25, 2016 at 11:00 PM From: "Joel Esler (jesler)" <jes...@cisco.com> To: "ClamAV users ML"

[clamav-users] ClamAV® blog: ClamAV Signature Interface maintenance is now complete! New Main.cvd!

2016-03-19 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/03/clamav-signature-interface-maintenance.html ClamAV Signature Interface maintenance is now complete! New Main.cvd! Our ClamAV Signature Interface maintenance is now complete. While we

Re: [clamav-users] Is ClamAV Community Threat Tracking System down?

2016-03-19 Thread Joel Esler (jesler)
That's the way it used to be. Used to have openid as a log in option. -- Joel Esler iPhone On Mar 19, 2016, at 10:52 AM, Dennis Peterson wrote: The DNS configuration for www.stats.clamav.net are suspect. I just

Re: [clamav-users] Signature updates?`

2016-03-19 Thread Joel Esler (jesler)
Paul, You are correct. We're going through testing right now, expect an announcement from me shortly. -- Joel Esler iPhone On Mar 16, 2016, at 11:04 AM, Paul Kosinski wrote: Paul Kosinski

Re: [clamav-users] Problem with mirrors overnight?

2016-03-19 Thread Joel Esler (jesler)
It's possible they are overloaded. We released a new main.cvd and daily late last night. -- Joel Esler iPhone On Mar 17, 2016, at 8:41 AM, Alex wrote: Hi, Is there currently an issue with the mirrors? I have at least two systems on two

Re: [clamav-users] Locky Dridex plan

2016-03-26 Thread Joel Esler (jesler)
We even have a list for package maintainers to sign up on, where I notify the maintainers of upcoming releases. Very little traffic. -- Joel Esler iPhone On Mar 26, 2016, at 9:31 PM, Benny Pedersen wrote: one more reason to use gentoo where i created a

[clamav-users] ClamAV® blog: ClamAV will release a new main.cvd and daily.cvd this weekend.

2016-03-07 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/03/clamav-will-release-new-maincvd-and.html ClamAV will release a new main.cvd and daily.cvd this weekend. As we periodically do, we will be releasing a new main.cvd and daily.cvd this coming weekend (March 12-13). We have completely re-written our signature

Re: [clamav-users] about countermeasure for false positive

2016-03-08 Thread Joel Esler (jesler)
I think your answer is pretty good. It’s clearly not every clean file in the world. But clean files are added to the FP test all the time. -- Joel Esler Manager, Talos Group On Mar 8, 2016, at 5:55 AM, Al Varnell wrote: From previous

Re: [clamav-users] clamav email error after submission of a virus sample

2016-03-04 Thread Joel Esler (jesler)
ClamAV.net is behind cloudflare. -- Joel Esler Manager, Talos Group On Mar 4, 2016, at 6:20 AM, Alessandro Vesely <ves...@tana.it> wrote: On Thu 03/Mar/2016 03:34:15 +0100 Joel Esler (jesler) wrote: We are working on the submis

[clamav-users] ClamAV® blog: ClamAV 0.99.1 has been released!

2016-03-02 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/03/clamav-0991-has-been-released.html ClamAV 0.99.1 has been released! Join us in welcoming ClamAV 0.99.1 to the family! It is ready for immediate download at ClamAV.net's download site. As a reminder, this is the last release that

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.1 has been released!

2016-03-02 Thread Joel Esler (jesler)
02:21 PM, Al Varnell wrote: Just curious to know what they finally got around to implementing. -Al- On Wed, Mar 02, 2016 at 01:09 PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2016/03/clamav-0991-has-been-released.html ClamAV 0.99.1 has b

Re: [clamav-users] clamav email error after submission of a virus sample

2016-03-02 Thread Joel Esler (jesler)
knc, We are working on the submission process as we speak to make this simpler. I feel like a broken record saying this, but the submission process has changed a lot recently and we’re working on it -- Joel Esler Manager, Talos Group > On Mar 2, 2016, at 6:38 PM, knc wrote: >

Re: [clamav-users] clamav email error after submission of a virus sample

2016-03-07 Thread Joel Esler (jesler)
Vesely <ves...@tana.it> wrote: On Fri 04/Mar/2016 16:07:53 +0100 Joel Esler (jesler) wrote: ClamAV.net is behind cloudflare. Right. Would those who made that decision blog a few lines telling something more than such statement, please

Re: [clamav-users] important message

2016-04-03 Thread Joel Esler (jesler)
May not have been. I just happened to see it, knew it was Crap and removed the user. Kinda standard procedure. If I had to guess, I'm betting pharma spam. I can sandbox it and see next time I'm at my desk. -- Joel Esler iPhone On Apr 3, 2016, at 7:29 PM, Gene Heskett

Re: [clamav-users] FP Win.Trojan.Agent-1395367

2016-04-21 Thread Joel Esler (jesler)
Yeah, sorry, I was swamped yesterday and didn’t get to follow up, we obviously dropped them both. -- Joel Esler Manager, Talos Group On Apr 21, 2016, at 4:08 AM, Al Varnell wrote: Looks like the other was dropped, as well in Daily:21500

[clamav-users] ClamAV® blog: ClamAV 0.97 Engine End of Life Announcement

2016-05-20 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/05/clamav-097-engine-end-of-life.html ClamAV 0.97 Engine End of Life Announcement ClamAV Community, This notice is to inform you that effective June 1, 2016, ClamAV 0.97 (and all minor versions) is no longer supported in accordance with ClamAV's EOL policy which

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-23 Thread Joel Esler (jesler)
-- Joel Esler Manager, Talos Group On May 23, 2016, at 1:52 PM, C.D. Cochrane wrote: My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem. I'm pretty sure the current generation of Locky,

Re: [clamav-users] ClamAV+exim: scanner finds not a single malware

2016-05-23 Thread Joel Esler (jesler)
Every AV is losing. That’s why we’re working on alternative things at the same time. -- Joel Esler Manager, Talos Group On May 23, 2016, at 2:15 PM, C.D. Cochrane wrote: Obviously going to disagree. We are pushing almost a thousand pieces of

Re: [clamav-users] Clam & safe browsing question/problem

2016-05-22 Thread Joel Esler (jesler)
This is something the team is actively working on. Please stay tuned. -- Joel Esler Manager, Talos Group On May 22, 2016, at 12:38 PM, TR Shaw wrote: The following is safebrowsing’s test host name, malware.testing.google[.]test, and using google’s

Re: [clamav-users] Signature update schedule, and requirements for adding Signatures

2016-05-17 Thread Joel Esler (jesler)
Correct. Now that we are back to pushing updates every 4 hours, whereas most AV companies only push once or twice a day. -- Joel Esler Manager, Talos Group On May 17, 2016, at 10:20 AM, C.D. Cochrane wrote: My 2 cents would be that rapid traditional

[clamav-users] ClamAV® blog: ClamAV 0.99.2 has been released!

2016-05-03 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html ClamAV 0.99.2 has been released! ClamAV 0.99.2 has been released, and is available for download at ClamAV.net's download site. Note: As previously discussed for the last three releases, we are

Re: [clamav-users] clamav malware reports Notify Me

2016-05-05 Thread Joel Esler (jesler)
No, I wouldn’t think so. But that’s what our bug is hoping to find out. -- Joel Esler Manager, Talos Group On May 5, 2016, at 2:15 PM, C.D. Cochrane wrote: Ah, okay. A bug could explain a lack of notifications. Must one ALSO be subscribed to the

Re: [clamav-users] clamav malware reports Notify Me

2016-05-05 Thread Joel Esler (jesler)
Understood, hence the second part of my statement in my email: "We have a bug open with our team to check and see what the issue is with individual notification." -- Joel Esler Manager, Talos Group On May 5, 2016, at 1:17 PM, C.D. Cochrane wrote: I

Re: [clamav-users] ClamAV Digest weirdness

2016-05-06 Thread Joel Esler (jesler)
Interesting. I haven’t had any other reports of this.. I’ll keep an eye out -- Joel Esler Manager, Talos Group On May 6, 2016, at 12:17 PM, Paul Kosinski wrote: Today (6 May), I received a single 1.22 MB Digest email with an

Re: [clamav-users] clamav malware reports Notify Me

2016-05-05 Thread Joel Esler (jesler)
After many complaints, we aren’t publishing the names in the virusdb email anymore. We have a bug open with our team to check and see what the issue is with individual notification. -- Joel Esler Manager, Talos Group On May 5, 2016, at 11:21 AM, Al Varnell

Re: [clamav-users] ClamAV - References

2016-04-18 Thread Joel Esler (jesler)
Do they also realize that (and I can guarantee it that) they are using “free open source initiatives” all over their bank? -- Joel Esler Manager, Talos Group On Apr 18, 2016, at 7:33 PM, Paul Kosinski wrote: "However, as a bank, our

Re: [clamav-users] ClamAV - References

2016-04-19 Thread Joel Esler (jesler)
On Apr 19, 2016, at 8:15 AM, Leonardo Rodrigues wrote: On 18/04/16 12:13, Retailleau, Damien (GE Capital) wrote: Hi ClamAV users, We are, at GEMB France, currently looking for a solution to scan files upload on our partner

Re: [clamav-users] CVE_2013_3860-1

2016-07-26 Thread Joel Esler (jesler)
aily Version:21971 Publisher: Alain Zidouemba New Sigs: 0 Dropped Sigs: 0 Ignored Sigs: 33 New Detection Signatures: Dropped Detection Signatures: But that question was asked in a different thread by a different user. -Al- On Tue, Jul 26, 2016 at 07:27 PM, Joel Esler (j

Re: [clamav-users] CVE_2013_3860-1

2016-07-26 Thread Joel Esler (jesler)
It may take more than one publish cycle to drop a sig. Publish cycles are at least every four hours. -- Joel Esler iPhone On Jul 26, 2016, at 10:16 PM, Al Varnell wrote: Appears to be finally gone at this time.

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-14 Thread Joel Esler (jesler)
You're right. Nothing I said was negative. We know exactly what happens when our testing is done. We don't know in other cases. I didn't say anything about the quality of 3rd party signatures. In fact, the quality is so good, that's exactly why we are rolling out the program to protect

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-14 Thread Joel Esler (jesler)
Arnaud, Nothing I said was negative against 3rd party signature makers. I hope you are not upset by my comments. As I said, there is a ton of good content out there, and we want to get it out to more users. As far as feedback, I'll talk to our team. -- Joel Esler iPhone On Jul 14, 2016, at
