Hi,
I just installed clamav-unofficial-sigs from [1] (master) and I'm
getting the following errors after a restart of Clamd:
=====================================================================================
=====================================================================================
Aug 15 13:42:42 mx0 clamd[11698]: Pid file removed.
Aug 15 13:42:42 mx0 clamd[11698]: --- Stopped at Mon Aug 15 13:42:42 2016
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 497 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 512 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 528 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 544 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 557 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 603 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/antidebug_antivm.yar line 614 undefined identifier "pe"
Aug 15 13:42:50 mx0 clamd[12509]: LibClamAV Error: cli_loadyara:
failed to parse rules file /var/lib/clamav/antidebug_antivm.yar, error
count 7
Aug 15 13:42:54 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/EMAIL_Cryptowall.yar line 34 duplicate identifier
"CryptoWall_Resume_phish"
Aug 15 13:42:54 mx0 clamd[12509]: LibClamAV Error: yyerror():
/var/lib/clamav/EMAIL_Cryptowall.yar line 52 duplicate identifier
"docx_macro"
Aug 15 13:42:54 mx0 clamd[12509]: LibClamAV Error: cli_loadyara:
failed to parse rules file /var/lib/clamav/EMAIL_Cryptowall.yar, error
count 2
Aug 15 13:42:56 mx0 clamd[12509]: Limits: Global size limit set to
104857600 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: File size limit set to
26214400 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: Recursion level limit set to 16.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: Files limit set to 10000.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxEmbeddedPE limit set to
10485760 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxHTMLNormalize limit set
to 10485760 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxHTMLNoTags limit set to
2097152 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxScriptNormalize limit set
to 5242880 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxZipTypeRcg limit set to
1048576 bytes.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxPartitions limit set to 50.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: MaxIconsPE limit set to 100.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: PCREMatchLimit limit set to 10000.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: PCRERecMatchLimit limit set to 5000.
Aug 15 13:42:56 mx0 clamd[12509]: Limits: PCREMaxFileSize limit set to
26214400.
Aug 15 13:42:56 mx0 clamd[12509]: Archive support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: Algorithmic detection enabled.
Aug 15 13:42:56 mx0 clamd[12509]: Portable Executable support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: ELF support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: Mail files support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: OLE2 support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: PDF support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: SWF support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: HTML support enabled.
Aug 15 13:42:56 mx0 clamd[12509]: Self checking every 3600 seconds.
=====================================================================================
=====================================================================================
What library or module do I need to install in order to solve the problem?
My system:
Ubuntu 16.04 64-bit
ClamAV 0.99/22084/Mon Aug 15 09:52:50 2016
Thanks,
Michael
[1] https://github.com/extremeshok/clamav-unofficial-sigs
