[clamav-users] Mail contains virus ? MBL_162040584.UNOFFICIAL and some errors.
Thomas Barth
tbarth at txbweb.de
Fri Jul 22 12:01:59 UTC 2022
Hi!
Am 2022-07-22 13:31, schrieb G.W. Haywood via clamav-users:
> Having said that I don't see the problem that you've found. In case
> it helps you, here's the directory listing and md5sum of the file
> currently in use here. It's pretty old, and I can't say that I've
> noticed very many useful detections from it.
>
> 8<----------------------------------------------------------------------
> Downloaded from https://cdn.rfxn.com/downloads/maldet-sigpack.tgz:
>
> $ ls -l rfxn.yara ; md5sum rfxn.yara ; grep ^rule rfxn.yara | wc -l
> -rw-r--r-- 1 clamav clamav 410441 Aug 17 2020 rfxn.yara
> c8303441af0e8fac43cea4d8fb3dc5f7 rfxn.yara
> 783
> $
I already have the latest rfxn.yara version compared to your file. I get
the same output
ls -al /var/lib/clamav/rfxn.yara
-rw-r--r-- 1 clamav clamav 410441 Aug 17 2020 /var/lib/clamav/rfxn.yara
> Where did you get your copy from? Check that it isn't damaged, if it
> is I suggest that you move it out of your ClamAV signature directory
> and try another copy.
I use clamav-unofficial maintained by eXtremeSHOK
https://github.com/extremeshok/clamav-unofficial-sigs
>
> Are you sure you want to do all this with root permissions? :)
I will change the user next time, I promise! :)
Thomas B
More information about the clamav-users
mailing list